Foreign Security Principals Permissions

For Foreign Security Principals (FSP) to be aggregated, created, or modified a single service account must have full delegated permissions on the FSP container. Use the Delegation Control Wizard to delegate permissions to the service Account.

To delegate permissions using the Delegation Control Wizard, complete the following:

Open Active Directory Users and Computers.
Right-click on the ForeignSecurityPrincipals container, select Delegate Control, and then select Next.
Select the Add button to add a service account user and then select Next.
Select Create a custom task to delegate and then select Next.
Select This folder, existing objects in this folder and creation of objects in this folder.
On the next screen, select Full Control under Permissions, and then select Next.
Select Finish.

Feedback is provided as an informational resource only and does not form part of SailPoint's official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.


	You are here:

Foreign Security Principals Permissions

Documentation Feedback