Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Allowing user to update their personal details in AD

Posted on 2013-12-16
4
Medium Priority
?
525 Views
Last Modified: 2013-12-18
Hi
On Windows 2003 AD servers, was looking out for a utility that allows users to update certain personal fields in the absence of a central HR Application integration.

Am aware that certain identity and Access management (IAM) solutions have this capability but would like to use something more economical for the time being. If it can be developed on Sharepoint and all users gets a portal based form where he /  she has the ability to change allowed fields that eventually shows up on Outlook contacts, that would be apt.

The attached screenshot is of a user contact as it appears within Outlook 2010 and would like them to have ability to update their information as related in boxes 1 & 2 including their small picture and finally stored and synced within AD.

Also, would be great if someone can point me to any off the shelf product available?
AD-details.jpg
0
Comment
Question by:fahim
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 14

Assisted Solution

by:Ram Balachandran
Ram Balachandran earned 400 total points
ID: 39723260
You can use the AD delegation, see the below links. You can delegate the permissions as per your requirement.
http://www.windowsecurity.com/articles/Implementing-Active-Directory-Delegation-Administration.html

Else, You can follow the below steps.
Open ADUC [ Dsa.msc]
Create a OU and move all the users to that OU on whom you want to delegate access.
Right click on OU and click on Properties
Go to security Tab(If security tab is missing then cancel it and click on view/Advanced view and again try)
Click on advanced cutton in security properties
Click on add button
Add the users who should have acess to change the attributes. [ here Domain Users/ or a group]
Click on the Properties Tab and you will find all the attributes there.
Give read attribute and write attribute for the attribute you want to delegate
Click apply OK.
 IF you dont know the attributes for the particular user property please check the below lnk
http://www.kouti.com/tables/userattributes.htm
0
 

Author Comment

by:fahim
ID: 39723291
Ram: if we have about 10,000 users within our AD at varying levels of IT expertise, I would want to have a very friendly UI for this functionality.

Something where a user will only have access to change/amend certain stuff like:

1. Office Location
2. Work Phone
3. Department
4. Picture
5. other existing user attributes allowed for modification.

Asking them to open ADUC doesn't seem like the best and user friendly option.

Any other suggestion?
0
 
LVL 44

Accepted Solution

by:
Rainer Jeschor earned 1200 total points
ID: 39723390
Hi,
there are a couple of SharePoint third-party applications/web parts available, like
ADSelfService Plus
HarePoint Active Directory Self Service
Profile Manager

but also some free ones like
http://nominesptools.codeplex.com/

Do you already have/use SharePoint?
Which version and edition?

HTH
Rainer
0
 
LVL 3

Assisted Solution

by:Detlef001
Detlef001 earned 400 total points
ID: 39723764
If anyone is still looking to do this, then the system is already in place under Windows 7 (maybe XP but not tested it)

Open Explorer/My Computer
Select Network
A new button appears called 'Search Active Directory'
Click this button and search for your user name.
Once found, right click your name, select properties.
Change the contact number and click the OK's
AD is updated. Admins can change anyones details, normal users can only change their own.
Hope that helps.

Edit :- And no you don't need to change any permissions. They are already set as default.

Moreover you can achieve this by an application also. Freeware but up to some limitation on the numbers of users.
0

Featured Post

Does Your Cloud Backup Use Blockchain Technology?

Blockchain technology has already revolutionized finance thanks to Bitcoin. Now it's disrupting other areas, including the realm of data protection. Learn how blockchain is now being used to authenticate backup files and keep them safe from hackers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When using a search centre, I'm going to show you how to configure Sharepoint's search to only return results from the current site collection. Very useful when using Office 365 with multiple site collections.
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question