{"id":36303,"date":"2014-12-12T14:38:27","date_gmt":"2014-12-12T13:38:27","guid":{"rendered":"https:\/\/staging.firstware.com\/?p=36303"},"modified":"2022-09-14T13:19:27","modified_gmt":"2022-09-14T12:19:27","slug":"allow-non-staff-edit-ad-data","status":"publish","type":"post","link":"https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/","title":{"rendered":"Allow non-IT staff to edit AD data"},"content":{"rendered":"<p>Maintaining address data in Active Directory is not an easy task for non-IT employees. At least not with the Active Directory Users and Computers console.<\/p>\n<p>As a result, IT professionals must (still) maintain the address data.<!--more--><\/p>\n<p>\u00a0 <br \/>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_82_2 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Index<\/p>\n<span class=\"ez-toc-title-toggle\"><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/#IT-admins-and-master-data-maintenance\" >IT admins and master data maintenance<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/#Preparation-and-configuration-of-FirstWare\" >Preparation and configuration of FirstWare<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/#Define-the-Admin-Role\" >Define the Admin-Role<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/#Web-Server-Installation-of-FirstWare\" >Web Server Installation of FirstWare<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/#Log-in-and-Search-Root\" >Log in and Search Root<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/#Non-IT-staff-and-Active-Directory\" >Non-IT staff and Active Directory<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/#Let-Non-IT-staff-update-AD-master-data\" >Let Non-IT staff update AD master data<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/#Change-the-group-membership-of-a-user\" >Change the group membership of a user<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/#Get-your-test-license-now\" >Get your test license now<\/a><\/li><\/ul><\/nav><\/div>\n\n\u00a0<\/p>\n<h2><span class=\"ez-toc-section\" id=\"IT-admins-and-master-data-maintenance\"><\/span>IT admins and master data maintenance<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>IT admins take care of the master data maintenance in many systems and applications. And this basically has 2 reasons. On the one hand, the systems need to be handled with care due to security standards. On the other hand, most of these applications and systems are just not user-friendly for non-IT personnel. Other staff would need training for the usage and knowledge of the wording used in these programs. (And in the worst case, an idea about how to use parameters or how to script&#8230;)<\/p>\n<p>If you want <strong>non-IT staff to maintain data <\/strong>with a software solution, the tool should<\/p>\n<ul>\n<li>be clear and<\/li>\n<li><strong>easy to understand<\/strong><\/li>\n<li><strong>not need any support of the IT staff<\/strong> (or as little as possible)<\/li>\n<li>only be accessible and editable, what has been previously specified (<strong>limited<\/strong> access)<br \/>\n\u00a0<\/li>\n<\/ul>\n<p>Standard tools for Active Directory do not match these requirements or only in a very limited way.<\/p>\n<p>But it still <strong>makes sense to think about the <\/strong><strong>delegation<\/strong> of AD administration, because<\/p>\n<ul>\n<li><strong>IT specialists should maintain systems<\/strong> in the first place (not the data in the databases\/directories)<\/li>\n<li><strong>data to be changed is not owned by the IT<\/strong>, but by other departments<\/li>\n<li><strong>time and money<\/strong> can be saved<br \/>\n\u00a0<\/li>\n<\/ul>\n<p>In the next chapter I want to explain how to <strong>enable non-IT staff to edit AD<\/strong> data in Active Directory <strong>without great financial expanse<\/strong>, using FirstWare IDM-Portal.<\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Preparation-and-configuration-of-FirstWare\"><\/span>Preparation and configuration of FirstWare<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>First, you should clarify what tasks the non-IT employee shall take care of. What are the attributes to edit? Is there something you must not do?<\/p>\n<p>In the following example, we enable the human resources department to edit AD data, create user accounts and to maintain group memberships.<\/p>\n<p>Firstware-FreeEdition includes an <strong>Admin Role<\/strong>, to create AD user accounts. (<span class=\"st\">\u2192<\/span> more about roles in FirstWare-FreeEdition)<br \/>\nThe Admin Role itself must be defined outside the software by an Active Directory admin.<\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Define-the-Admin-Role\"><\/span>Define the Admin-Role<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Requirements for a well-planned use of FirstWare-FreeEdition are Active Directory and a clustered OU structure.<\/p>\n<p>Think about the following OU structure:<\/p>\n<ul>\n<li>User accounts<\/li>\n<li>Admin accounts<\/li>\n<li>Service accounts<\/li>\n<\/ul>\n<p>The <strong>Advantage of an OU structuring <\/strong>is that some branches can be hidden. This leads to a better overview and security, because you can limit what parts of the AD are accessible for delegation purposes. If you <a title=\"contact\" href=\"https:\/\/firstware.com\/en\/contact\/\" target=\"_blank\" rel=\"noopener noreferrer\">need help<\/a> with this, we are happy to get your message.<\/p>\n<p>FirstWare-F\/en\/company\/contact\/reeEdition uses an admin or <strong>service account to write data in Active Directory<\/strong>.<\/p>\n<p>If you provide FirstWare-FreeEdition as a web application, the person who uses the Admin Role of FirstWare is limited by the permissions of the service account.<\/p>\n<p><strong>In short: An IT admin should create a service account<\/strong> with all read and write permissions that the non-IT coworker should maintain at maximum.<\/p>\n<p>The privileges of this account are the absolute maximum permissions with which the software can work.<br \/>\nOther limitations in the software made by:<\/p>\n<ul>\n<li>the account with which the user logs on<\/li>\n<li>the role of the user in the software (Admin Role \/ User Role)<\/li>\n<li>the number of editable attributes in the software<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Web-Server-Installation-of-FirstWare\"><\/span>Web Server Installation of FirstWare<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>After you created a service account and checked the OU structure for suitability, you can install FirstWare.\u00a0<\/p>\n<div id=\"attachment_2689\" style=\"width: 650px\" class=\"wp-caption alignnone\"><a href=\"https:\/\/firstware.com\/wp-content\/uploads\/2014\/12\/FirstWare-WebServerInstall1-1024x705.png\" data-rel=\"lightbox-image-0\" data-rl_title=\"\" data-rl_caption=\"\" title=\"\"><img decoding=\"async\" aria-describedby=\"caption-attachment-2689\" class=\"wp-image-2690 size-large\" src=\"https:\/\/firstware.com\/wp-content\/uploads\/2014\/12\/FirstWare-WebServerInstall1-1024x705.png\" alt=\"Web Server Installation\" width=\"640\" height=\"440\" srcset=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2014\/12\/FirstWare-WebServerInstall1-1024x705.png 1024w, https:\/\/www.firstware.com\/wp-content\/uploads\/2014\/12\/FirstWare-WebServerInstall1-300x206.png 300w, https:\/\/www.firstware.com\/wp-content\/uploads\/2014\/12\/FirstWare-WebServerInstall1.png 1245w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/><\/a><p id=\"caption-attachment-2689\" class=\"wp-caption-text\">Select Web server installation<\/p><\/div> <div id=\"attachment_2691\" style=\"width: 650px\" class=\"wp-caption alignnone\"><a href=\"https:\/\/firstware.com\/wp-content\/uploads\/2014\/12\/FirstWare-WebServerInstall2-1024x705.png\" data-rel=\"lightbox-image-1\" data-rl_title=\"\" data-rl_caption=\"\" title=\"\"><img decoding=\"async\" aria-describedby=\"caption-attachment-2691\" class=\"wp-image-2692 size-large\" src=\"https:\/\/firstware.com\/wp-content\/uploads\/2014\/12\/FirstWare-WebServerInstall2-1024x705.png\" alt=\"FirstWare Web Server Installation Service Account\" width=\"640\" height=\"440\" srcset=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2014\/12\/FirstWare-WebServerInstall2-1024x705.png 1024w, https:\/\/www.firstware.com\/wp-content\/uploads\/2014\/12\/FirstWare-WebServerInstall2-300x206.png 300w, https:\/\/www.firstware.com\/wp-content\/uploads\/2014\/12\/FirstWare-WebServerInstall2.png 1245w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/><\/a><p id=\"caption-attachment-2691\" class=\"wp-caption-text\">A definierte service account<\/p><\/div>\n<p>At the end of the installation you will get a link to access the application. You just need to send this link to the non-IT colleagues, to let the access the portal.<br \/>\nEach employee must log in with his own AD account.<br \/>\nIf &#8220;Enable Integrated Windows Authentication&#8221; is enabled, the non-IT staff is automatically logged in with his\/her Windows account.<\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Log-in-and-Search-Root\"><\/span>Log in and Search Root<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>After logging in with the Admin Role the master data owner can start working.<\/p>\n<p>Verify that he\/she really uses the <strong>Admin Role<\/strong>. Otherwise, he\/she can only edit his\/her own data with the (User Role).<\/p>\n<p><a href=\"https:\/\/firstware.com\/wp-content\/uploads\/2014\/10\/Screen-Benutzer-Rolle400-300x162.png\" data-rel=\"lightbox-image-2\" data-rl_title=\"\" data-rl_caption=\"\" title=\"\"><img decoding=\"async\" class=\"alignnone wp-image-2285 size-medium\" src=\"https:\/\/firstware.com\/wp-content\/uploads\/2014\/10\/Screen-Benutzer-Rolle400-300x162.png\" alt=\"Screen-Benutzer-Rolle\" width=\"300\" height=\"162\" srcset=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2014\/10\/Screen-Benutzer-Rolle400-300x162.png 300w, https:\/\/www.firstware.com\/wp-content\/uploads\/2014\/10\/Screen-Benutzer-Rolle400.png 400w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a> \u00a0 <a href=\"https:\/\/firstware.com\/wp-content\/uploads\/2014\/10\/Screen-Admin-Rolle400-300x162.png\" data-rel=\"lightbox-image-3\" data-rl_title=\"\" data-rl_caption=\"\" title=\"\"><img decoding=\"async\" class=\"alignnone wp-image-2283 size-medium\" src=\"https:\/\/firstware.com\/wp-content\/uploads\/2014\/10\/Screen-Admin-Rolle400-300x162.png\" alt=\"Screen-Admin-Rolle\" width=\"300\" height=\"162\" srcset=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2014\/10\/Screen-Admin-Rolle400-300x162.png 300w, https:\/\/www.firstware.com\/wp-content\/uploads\/2014\/10\/Screen-Admin-Rolle400.png 400w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>\u00a0(left: User Role \/ right: Admin Role)<\/p>\n<div class=\"su-spoiler su-spoiler-style-fancy su-spoiler-icon-chevron su-spoiler-closed\" data-scroll-offset=\"0\" data-anchor-in-url=\"no\"><div class=\"su-spoiler-title\" tabindex=\"0\" role=\"button\"><span class=\"su-spoiler-icon\"><\/span>Non-IT staff is not owner of the Admin Role<\/div><div class=\"su-spoiler-content su-u-clearfix su-u-trim\">\nIf the person that is reponsible for the AD administration is not using the Admin Role, you have to make him a member of the Firstware-Admins group.<br \/>\nIt will be the best to create a separate AD group for this purpose.<\/p>\n<ul>\n<li>Create such a group or decide what group you will use for this purpose<\/li>\n<li>Run FirstWare with an AD admin account<\/li>\n<li>Click the &#8220;Config&#8221; tab<\/li>\n<li>Go to &#8220;Identity Manager Roles&#8221; an set the OU in which the FirstWare-Admin accounts can be found<\/li>\n<\/ul>\n<\/div><\/div>\n<p>With a\u00a0 click on &#8220;Config&#8221; you can set the search root \/ AD entry point.<\/p>\n<p>Staff using FirstWare with the Admin Role (Non-IT staff) can now edit and maintain AD master data.<\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Non-IT-staff-and-Active-Directory\"><\/span>Non-IT staff and Active Directory<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Editing address and user data in Active Directory is easy and intuitiv with FirstWare. There is <strong>no training<\/strong> necessary.<\/p>\n<p>Once set up, you enable Non-IT staff to edit AD data<strong>.<\/strong><br \/>\n\u00a0<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Let-Non-IT-staff-update-AD-master-data\"><\/span>Let Non-IT staff update AD master data<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span id=\"result_box\" class=\"short_text\" lang=\"en\" tabindex=\"-1\"><span class=\"hps\">A<\/span> <span class=\"hps\">non-IT<\/span> <span class=\"hps\">staff<\/span> <span class=\"hps\">can easily<\/span> <span class=\"hps\">update<\/span> <span class=\"hps\">address data<\/span><\/span>. And here is how:<\/p>\n<p><span style=\"text-decoration: underline;\">Example:<\/span><\/p>\n<ul>\n<li>User: Brian Wood<\/li>\n<li>Street old: 85 Denham St.<\/li>\n<li>Street new: 115 Green Ave<\/li>\n<\/ul>\n<ol>\n<li>Run FirstWare (type the URL or use a bookmark in your browser)<br \/>\nSearch for &#8220;Brian&#8221;<br \/>\n\u00a0<\/li>\n<li>Click Manage to edit Brian Wood<br \/>\n\u00a0<\/li>\n<li>Click in the field (attribute) you want to change, here: Street<br \/>\n\u00a0<\/li>\n<li>Enter the new street &#8211; click save and it&#8217;s done.\n<\/li>\n<\/ol>\n<p>The new Non-IT admin can of course edit any other AD address data as well.<br \/>\nIf you want him\/her to <strong>maintain additional attributes<\/strong>, that may come from a <strong>schema extension<\/strong>, just contact us &#8211; we&#8217;ll adjust FirstWare for you.<\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Change-the-group-membership-of-a-user\"><\/span>Change the group membership of a user<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>It is as easy to add a user to an Active Directory group. (<span class=\"st\">\u2192<\/span> group management)<\/p>\n<p><span style=\"text-decoration: underline;\">Possible applications of AD groups:<\/span><\/p>\n<ul>\n<li><strong>Belonging to the department <\/strong>(<a title=\"User Management\" href=\"https:\/\/firstware.com\/en\/\" target=\"_blank\" rel=\"noopener noreferrer\">more<\/a>)<strong><br \/>\n<\/strong><\/li>\n<li><strong>Folder permissions<\/strong> (more)<\/li>\n<li><strong>Mail distribution lists <\/strong>(more)<strong><br \/>\n<\/strong><\/li>\n<li>Software distribution<\/li>\n<li>other authorizations&#8230;<\/li>\n<\/ul>\n<p><span style=\"text-decoration: underline;\">Example &#8211; User changes departments:<\/span><\/p>\n<ul>\n<li>User Brian Wood<\/li>\n<li>Old Department: Logistics<\/li>\n<li>New Departmenet: Planning<\/li>\n<li><strong>Avoid over permissioning!<\/strong> Remove Logistics group membership<\/li>\n<\/ul>\n<ol>\n<li>Search user &#8220;Brian Wood&#8221; and click &#8220;Manage&#8221; to edit<br \/>\n\u00a0<\/li>\n<li>Click the &#8220;Group Membership&#8221; tab, to see all groups, the user is member of<br \/>\n\u00a0<\/li>\n<li>Search the group of the new department &#8220;Planning&#8221; and Drag &amp; Drop it to the right side<br \/>\n\u00a0<\/li>\n<li>To avoid over permissioning: Remove the user from the old department &#8220;Logistics&#8221;<br \/>\n\u00a0<\/li>\n<li>Finally click &#8220;Save&#8221; &#8211; done\n<\/li>\n<\/ol>\n<p>Enabling Non-IT staff to edit AD data such as department group memberships or address data is a small part of the opportunities that Active Directory offers.<br \/>\nWith groups and attributes you can control a lot of permissions and applications. If you want to know more about it, we are happy to get your <a title=\"contact\" href=\"https:\/\/firstware.com\/en\/contact\/\" target=\"_blank\" rel=\"noopener noreferrer\">message<\/a>.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Get-your-test-license-now\"><\/span>Get your test license now<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>You can test FirstWare IDM-Portal 2017 SmartEdition for 30 days and see if it fits your needs. We are happy to provide you with further information.<\/p>\n<p><a href=\"https:\/\/firstware.com\/en\/contact\/\"><button class=\"ButtonBeratung aligncenter\">Contact us<\/button><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Maintaining address data in Active Directory is not an easy task for non-IT employees. At least not with the Active [&hellip;]<\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1839],"tags":[],"class_list":["post-36303","post","type-post","status-publish","format-standard","hentry","category-identity-management-en"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Allow non-IT staff to edit AD data - FirstWare IDM-Portal<\/title>\n<meta name=\"description\" content=\"Active Directory data maintenance for Non-IT staff \u25b3 Delegation to assistants \/ HR department \u25b3 Enable Non-IT staff to edit AD data, such as...\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Allow non-IT staff to edit AD data - FirstWare IDM-Portal\" \/>\n<meta property=\"og:description\" content=\"Active Directory data maintenance for Non-IT staff \u25b3 Delegation to assistants \/ HR department \u25b3 Enable Non-IT staff to edit AD data, such as...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/\" \/>\n<meta property=\"og:site_name\" content=\"FirstWare IDM-Portal\" \/>\n<meta property=\"og:image\" content=\"https:\/\/firstware.com\/wp-content\/uploads\/2014\/12\/FirstWare-WebServerInstall1-1024x705.png\" \/>\n<meta name=\"author\" content=\"Matthias Rudolph\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Matthias Rudolph\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/allow-non-staff-edit-ad-data\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/allow-non-staff-edit-ad-data\\\/\"},\"author\":{\"name\":\"Matthias Rudolph\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#\\\/schema\\\/person\\\/bbf90428975a703dd7544e828358a1ce\"},\"headline\":\"Allow non-IT staff to edit AD data\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/allow-non-staff-edit-ad-data\\\/\"},\"wordCount\":1201,\"publisher\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/allow-non-staff-edit-ad-data\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/firstware.com\\\/wp-content\\\/uploads\\\/2014\\\/12\\\/FirstWare-WebServerInstall1-1024x705.png\",\"articleSection\":[\"Identity Management\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/allow-non-staff-edit-ad-data\\\/\",\"url\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/allow-non-staff-edit-ad-data\\\/\",\"name\":\"Allow non-IT staff to edit AD data - FirstWare IDM-Portal\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/allow-non-staff-edit-ad-data\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/allow-non-staff-edit-ad-data\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/firstware.com\\\/wp-content\\\/uploads\\\/2014\\\/12\\\/FirstWare-WebServerInstall1-1024x705.png\",\"description\":\"Active Directory data maintenance for Non-IT staff \u25b3 Delegation to assistants \\\/ HR department \u25b3 Enable Non-IT staff to edit AD data, such as...\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/allow-non-staff-edit-ad-data\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/allow-non-staff-edit-ad-data\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/allow-non-staff-edit-ad-data\\\/#primaryimage\",\"url\":\"https:\\\/\\\/firstware.com\\\/wp-content\\\/uploads\\\/2014\\\/12\\\/FirstWare-WebServerInstall1-1024x705.png\",\"contentUrl\":\"https:\\\/\\\/firstware.com\\\/wp-content\\\/uploads\\\/2014\\\/12\\\/FirstWare-WebServerInstall1-1024x705.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/allow-non-staff-edit-ad-data\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Startseite\",\"item\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Allow non-IT staff to edit AD data\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/\",\"name\":\"FirstWare IDM-Portal\",\"description\":\"Identity and Autorization Management in M365 and Active Directory\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#organization\",\"name\":\"FirstWare IDM-Portal\",\"url\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.firstware.com\\\/wp-content\\\/uploads\\\/2019\\\/06\\\/IDM-Portal.ico\",\"contentUrl\":\"https:\\\/\\\/www.firstware.com\\\/wp-content\\\/uploads\\\/2019\\\/06\\\/IDM-Portal.ico\",\"width\":1,\"height\":1,\"caption\":\"FirstWare IDM-Portal\"},\"image\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#\\\/schema\\\/person\\\/bbf90428975a703dd7544e828358a1ce\",\"name\":\"Matthias Rudolph\",\"sameAs\":[\"http:\\\/\\\/www.firstattribute.com\"],\"url\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/author\\\/matthias\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Allow non-IT staff to edit AD data - FirstWare IDM-Portal","description":"Active Directory data maintenance for Non-IT staff \u25b3 Delegation to assistants \/ HR department \u25b3 Enable Non-IT staff to edit AD data, such as...","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/","og_locale":"en_US","og_type":"article","og_title":"Allow non-IT staff to edit AD data - FirstWare IDM-Portal","og_description":"Active Directory data maintenance for Non-IT staff \u25b3 Delegation to assistants \/ HR department \u25b3 Enable Non-IT staff to edit AD data, such as...","og_url":"https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/","og_site_name":"FirstWare IDM-Portal","og_image":[{"url":"https:\/\/firstware.com\/wp-content\/uploads\/2014\/12\/FirstWare-WebServerInstall1-1024x705.png","type":"","width":"","height":""}],"author":"Matthias Rudolph","twitter_misc":{"Written by":"Matthias Rudolph","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/#article","isPartOf":{"@id":"https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/"},"author":{"name":"Matthias Rudolph","@id":"https:\/\/www.firstware.com\/en\/#\/schema\/person\/bbf90428975a703dd7544e828358a1ce"},"headline":"Allow non-IT staff to edit AD data","mainEntityOfPage":{"@id":"https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/"},"wordCount":1201,"publisher":{"@id":"https:\/\/www.firstware.com\/en\/#organization"},"image":{"@id":"https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/#primaryimage"},"thumbnailUrl":"https:\/\/firstware.com\/wp-content\/uploads\/2014\/12\/FirstWare-WebServerInstall1-1024x705.png","articleSection":["Identity Management"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/","url":"https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/","name":"Allow non-IT staff to edit AD data - FirstWare IDM-Portal","isPartOf":{"@id":"https:\/\/www.firstware.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/#primaryimage"},"image":{"@id":"https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/#primaryimage"},"thumbnailUrl":"https:\/\/firstware.com\/wp-content\/uploads\/2014\/12\/FirstWare-WebServerInstall1-1024x705.png","description":"Active Directory data maintenance for Non-IT staff \u25b3 Delegation to assistants \/ HR department \u25b3 Enable Non-IT staff to edit AD data, such as...","breadcrumb":{"@id":"https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/#primaryimage","url":"https:\/\/firstware.com\/wp-content\/uploads\/2014\/12\/FirstWare-WebServerInstall1-1024x705.png","contentUrl":"https:\/\/firstware.com\/wp-content\/uploads\/2014\/12\/FirstWare-WebServerInstall1-1024x705.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.firstware.com\/en\/blog\/allow-non-staff-edit-ad-data\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Startseite","item":"https:\/\/www.firstware.com\/en\/"},{"@type":"ListItem","position":2,"name":"Allow non-IT staff to edit AD data"}]},{"@type":"WebSite","@id":"https:\/\/www.firstware.com\/en\/#website","url":"https:\/\/www.firstware.com\/en\/","name":"FirstWare IDM-Portal","description":"Identity and Autorization Management in M365 and Active Directory","publisher":{"@id":"https:\/\/www.firstware.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.firstware.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.firstware.com\/en\/#organization","name":"FirstWare IDM-Portal","url":"https:\/\/www.firstware.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.firstware.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.firstware.com\/wp-content\/uploads\/2019\/06\/IDM-Portal.ico","contentUrl":"https:\/\/www.firstware.com\/wp-content\/uploads\/2019\/06\/IDM-Portal.ico","width":1,"height":1,"caption":"FirstWare IDM-Portal"},"image":{"@id":"https:\/\/www.firstware.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.firstware.com\/en\/#\/schema\/person\/bbf90428975a703dd7544e828358a1ce","name":"Matthias Rudolph","sameAs":["http:\/\/www.firstattribute.com"],"url":"https:\/\/www.firstware.com\/en\/blog\/author\/matthias\/"}]}},"_links":{"self":[{"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/posts\/36303","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/comments?post=36303"}],"version-history":[{"count":0,"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/posts\/36303\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/media?parent=36303"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/categories?post=36303"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/tags?post=36303"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}