Grant Replicate Directory Changes Permission on a domain

In order to ask replicate directory changes permission to a domain controller, it does not have to be a domain admin. by delegation, we can create this.


why do we do this?

like say, user wants to update their information from SharePoint by themselve, we can allow the information that store in SharePoint database and replicate to the Active Directory. Some also need to be done as well in SharePoint Administration.


How to Grant Replicate Directory Changes?


  • At your domain controller, open up the Active Directory Users and Computers.
  • Right-click the domain. for example, netoverme.local ans select Delegate Control
  • Click Next on the Delegation Control Wizard.
  • On Users and Groups windows, click Add.
  • type a name of synchronization account. For example, sp_admin .click Nextsp_admindelegeate
  • on task to delegate, select create a custom to delegate and click next.
  • on the Active Directory Objext Type, Select This Folder,existing objects in this folder, and creation of new objects in this folder, and click Next.
  • on the Permission pages, select Replicating Directory Changes.replicating directory changes
  • click Next and Finish.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s