Need help to delegate minimal LDAP permissions without full Domain Admin
Need to know how to delegate the following permissions to Active Directory user object to provide LDAP queries for software product without needing full Domain Admin rights. The vendor stated the user object only needs "querying groups and perform searches on behalf of other users" permissions - but i can't find online how to delegate that permission. Please advise. Thanks.
* LDAPSoftware* Managed Service AccountsActive Directory
If they need admin on servers and workstations in addition to this, see this article