{ "addgroupmember": { "name": "AddGroupMember", "description": "Grants permission to add a member to a group on a directory", "accessLevel": "Write", "resourceTypes": [ { "name": "directory", "required": true, "conditionKeys": [], "dependentActions": [ "ds:AccessDSData" ] } ], "conditionKeys": [ "ds-data:SAMAccountName", "ds-data:MemberName", "ds-data:Realm", "ds-data:MemberRealm", "ds-data:Identifier" ], "dependentActions": [] }, "creategroup": { "name": "CreateGroup", "description": "Grants permission to create a group on a directory", "accessLevel": "Write", "resourceTypes": [ { "name": "directory", "required": true, "conditionKeys": [], "dependentActions": [ "ds:AccessDSData" ] } ], "conditionKeys": [ "ds-data:SAMAccountName", "ds-data:Identifier", "ds-data:Realm" ], "dependentActions": [] }, "createuser": { "name": "CreateUser", "description": "Grants permission to create a user on a directory", "accessLevel": "Write", "resourceTypes": [ { "name": "directory", "required": true, "conditionKeys": [], "dependentActions": [ "ds:AccessDSData" ] } ], "conditionKeys": [ "ds-data:SAMAccountName", "ds-data:Identifier", "ds-data:Realm" ], "dependentActions": [] }, "deletegroup": { "name": "DeleteGroup", "description": "Grants permission to delete a group on a directory", "accessLevel": "Write", "resourceTypes": [ { "name": "directory", "required": true, "conditionKeys": [], "dependentActions": [ "ds:AccessDSData" ] } ], "conditionKeys": [ "ds-data:SAMAccountName", "ds-data:Identifier", "ds-data:Realm" ], "dependentActions": [] }, "deleteuser": { "name": "DeleteUser", "description": "Grants permission to delete a user on a directory", "accessLevel": "Write", "resourceTypes": [ { "name": "directory", "required": true, "conditionKeys": [], "dependentActions": [ "ds:AccessDSData" ] } ], "conditionKeys": [ "ds-data:SAMAccountName", "ds-data:Identifier", "ds-data:Realm" ], "dependentActions": [] }, "describegroup": { "name": "DescribeGroup", "description": "Grants permission to describe a group on a directory", "accessLevel": "Read", "resourceTypes": [ { "name": "directory", "required": true, "conditionKeys": [], "dependentActions": [ "ds:AccessDSData" ] } ], "conditionKeys": [ "ds-data:SAMAccountName", "ds-data:Identifier", "ds-data:Realm" ], "dependentActions": [] }, "describeuser": { "name": "DescribeUser", "description": "Grants permission to describe a user on a directory", "accessLevel": "Read", "resourceTypes": [ { "name": "directory", "required": true, "conditionKeys": [], "dependentActions": [ "ds:AccessDSData" ] } ], "conditionKeys": [ "ds-data:SAMAccountName", "ds-data:Identifier", "ds-data:Realm" ], "dependentActions": [] }, "disableuser": { "name": "DisableUser", "description": "Grants permission to disable a user on a directory", "accessLevel": "Write", "resourceTypes": [ { "name": "directory", "required": true, "conditionKeys": [], "dependentActions": [ "ds:AccessDSData" ] } ], "conditionKeys": [ "ds-data:SAMAccountName", "ds-data:Identifier", "ds-data:Realm" ], "dependentActions": [] }, "listgroupmembers": { "name": "ListGroupMembers", "description": "Grants permission to list members in a group on a directory", "accessLevel": "List", "resourceTypes": [ { "name": "directory", "required": true, "conditionKeys": [], "dependentActions": [ "ds:AccessDSData" ] } ], "conditionKeys": [ "ds-data:SAMAccountName", "ds-data:Realm", "ds-data:MemberRealm", "ds-data:Identifier" ], "dependentActions": [] }, "listgroups": { "name": "ListGroups", "description": "Grants permission to list groups on a directory", "accessLevel": "List", "resourceTypes": [ { "name": "directory", "required": true, "conditionKeys": [], "dependentActions": [ "ds:AccessDSData" ] } ], "conditionKeys": [ "ds-data:Realm" ], "dependentActions": [] }, "listgroupsformember": { "name": "ListGroupsForMember", "description": "Grants permission to list the groups that a member is in on a directory", "accessLevel": "List", "resourceTypes": [ { "name": "directory", "required": true, "conditionKeys": [], "dependentActions": [ "ds:AccessDSData" ] } ], "conditionKeys": [ "ds-data:SAMAccountName", "ds-data:Realm", "ds-data:MemberRealm", "ds-data:Identifier" ], "dependentActions": [] }, "listusers": { "name": "ListUsers", "description": "Grants permission to list users on a directory", "accessLevel": "List", "resourceTypes": [ { "name": "directory", "required": true, "conditionKeys": [], "dependentActions": [ "ds:AccessDSData" ] } ], "conditionKeys": [ "ds-data:Realm" ], "dependentActions": [] }, "removegroupmember": { "name": "RemoveGroupMember", "description": "Grants permission to remove a member from a group on a directory", "accessLevel": "Write", "resourceTypes": [ { "name": "directory", "required": true, "conditionKeys": [], "dependentActions": [ "ds:AccessDSData" ] } ], "conditionKeys": [ "ds-data:SAMAccountName", "ds-data:MemberName", "ds-data:Realm", "ds-data:MemberRealm", "ds-data:Identifier" ], "dependentActions": [] }, "searchgroups": { "name": "SearchGroups", "description": "Grants permission to search for groups on a directory", "accessLevel": "Read", "resourceTypes": [ { "name": "directory", "required": true, "conditionKeys": [], "dependentActions": [ "ds-data:DescribeGroup", "ds:AccessDSData" ] } ], "conditionKeys": [ "ds-data:Realm" ], "dependentActions": [] }, "searchusers": { "name": "SearchUsers", "description": "Grants permission to search for users on a directory", "accessLevel": "Read", "resourceTypes": [ { "name": "directory", "required": true, "conditionKeys": [], "dependentActions": [ "ds-data:DescribeUser", "ds:AccessDSData" ] } ], "conditionKeys": [ "ds-data:Realm" ], "dependentActions": [] }, "updategroup": { "name": "UpdateGroup", "description": "Grants permission to update a group on a directory", "accessLevel": "Write", "resourceTypes": [ { "name": "directory", "required": true, "conditionKeys": [], "dependentActions": [ "ds:AccessDSData" ] } ], "conditionKeys": [ "ds-data:SAMAccountName", "ds-data:Identifier", "ds-data:Realm" ], "dependentActions": [] }, "updateuser": { "name": "UpdateUser", "description": "Grants permission to update a user on a directory", "accessLevel": "Write", "resourceTypes": [ { "name": "directory", "required": true, "conditionKeys": [], "dependentActions": [ "ds:AccessDSData" ] } ], "conditionKeys": [ "ds-data:SAMAccountName", "ds-data:Identifier", "ds-data:Realm" ], "dependentActions": [] } }