Required Permissions for Enabling Active Directory Group Synchronization
The Active Directory Group Synchronization feature in Laserfiche Directory Server relies on the service user having sufficient permissions to query the Active Directory tree.
Make sure that the service account for Laserfiche Directory Server has sufficient permissions to view the desired Active Directory objects. The service account should have the following permissions:
- List contents
- Read all properties
- Read permissions
Note: Required permissions are set in Active Directory, not Laserfiche Directory Server. See Microsoft 's Documentation.