Hi Team,
I have faced this error while provisioning the new account in Active Directory it shows like the IQService Access is denied.
I have attached the error image below,
Can anyone help out to solve this error?
Good morning @Santhakumar ,
As this is an Access Denied error, I believe that this is a permissions issue with the service account that is configured for the IQService.
That service account should have the following permissions:
- Read All Properties
- Read Members
- Write All Properties
- Write Members
- Create User Objects
You can inspect the service account permissions in AD by doing the following:
Go to the service account in AD, then Properties, then Security tab, then Advanced, then Effective Access, and on that tab, click “select a user”, locate the account and click OK, then click the View effective access button.
To update permissions, go back to the Permissions tab, then click Add. Click Select a principal and pull up the service account. Then you should be able to edit the permissions there.
Hope that helps!
Rich