1. Support Portal
  2. RadiantOne IDDM (Formerly Known As FID)
  3. Advanced Configuration

Delegated Admin Access

Shraddha Jamadade
Updated

To allow members of a specific group to log in and access the RadiantOne Control Panel, follow the steps below:

1. Locate the Group

  • Open the Directory Browser tab.

  • Navigate to: ou=globalgroups,cn=config

  • Select the group you want to manage.

2. Assign Group to Delegated Admin Role

To provide login access only (in this erxample):

  • Add the group to: cn=operator,ou=globalgroups,cn=config

To assign specific delegated admin privileges, use one of the following roles based on the desired level of access:

  • Directory Administrator

  • Read Only

  • Namespace Administrator

  • Operator

  • Schema Administrator

  • ACI Administrator

  • ICS Administrator

  • ICS Operator

📘 More information:
Refer to the Delegated Administration Roles (attached below) section in
Sys_Admin_Guide.pdf

3. Configure the Admin Group for Dynamic Membership

  • Click on the desired admin group (e.g., Directory Administrators).

  • On the right panel, select the objectClass attribute.

  • Choose Modify Attribute → Add Value.

  • Enter groupOfURLs as the new value and click OK.

4. Define Dynamic Group Members

  • Select the group entry and click Manage Group.

  • Click Edit Dynamic Members → Add.

  • Specify the Base DN where the group members are located, or click Browse to locate it.

  • Set the Scope for the search (Base, One Level, or Subtree).

  • Enter an LDAP filter to define member criteria.
    Example:
    (&(objectClass=User)(memberOf=CN=support,OU=groups,o=My Company))

  • Click Confirm.

After this step, the group entry will include a memberURL attribute that defines dynamic membership.

5. Register Dynamic Group in Control Panel

  • Switch the Control Panel to Expert Mode.

  • Navigate to: Settings → Interception → Special Attributes Handling

  • Under the Dynamic Group section, click Add → Choose.

  • Browse and select the dynamic group entry or its parent node.
    Example:
    cn=directory administrators,ou=globalgroups,cn=config

  • Click OK,

  • Change the Member Attribute to uniqueMember from the drop-down list. 

  • Then Save in the upper-right corner.

6. Test User Access

After completing the configuration, members of the delegated group can log in to the Control Panel.

Example Login:

  • Username: cn=ann,ou=users,o=My Company (based on your directory proxy/hdap/view)

  • Password: <AD password>

Further Documentation

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.

Articles in this section

See more