To control access to directory data, Active Directory Lightweight Directory Services (AD LDS) relies on permissions that are granted to users and groups. AD LDS supports the simultaneous use of both Windows users and AD LDS users as members of AD LDS groups. AD LDS provides four default role-based groups. You can create additional AD LDS groups as necessary. To create AD LDS users, you must first import the user object class definitions that are provided with AD LDS, or you can supply your own user object definitions.
Task | Reference |
---|---|
Read about AD LDS users and groups. |
|
Extend the schema of an instance to include user classes. |
|
Add users to the directory. |
|
Add members to AD LDS groups. |