{"id":245,"date":"2026-04-01T10:03:32","date_gmt":"2026-04-01T09:03:32","guid":{"rendered":"https:\/\/overlaps.co.uk\/docs\/?page_id=245"},"modified":"2026-04-01T10:18:12","modified_gmt":"2026-04-01T09:18:12","slug":"add-a-new-user-or-group","status":"publish","type":"page","link":"https:\/\/overlaps.co.uk\/docs\/overlaps-documentation\/configuration\/users-and-groups\/add-a-new-user-or-group\/","title":{"rendered":"Add a New User or Group"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">To add a user, click the <strong>New User\/Group<\/strong> button, a window will appear allowing you to enter the user or group\u2019s account (user) name.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"775\" src=\"https:\/\/overlaps.co.uk\/docs\/wp-content\/uploads\/2026\/04\/config-users-add-user.jpg\" alt=\"Window for Adding a New User\" class=\"wp-image-259\" srcset=\"https:\/\/overlaps.co.uk\/docs\/wp-content\/uploads\/2026\/04\/config-users-add-user.jpg 800w, https:\/\/overlaps.co.uk\/docs\/wp-content\/uploads\/2026\/04\/config-users-add-user-300x291.jpg 300w, https:\/\/overlaps.co.uk\/docs\/wp-content\/uploads\/2026\/04\/config-users-add-user-768x744.jpg 768w\" sizes=\"auto, (max-width: 800px) 100vw, 800px\" \/><figcaption class=\"wp-element-caption\">Adding a New User<\/figcaption><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">Start typing the username and OVERLAPS will search Active Directory for potential matches for you to select from.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"400\" height=\"322\" src=\"https:\/\/overlaps.co.uk\/docs\/wp-content\/uploads\/2026\/04\/config-users-add-user-search.png\" alt=\"&quot;Add a New User\/Group&quot; Auto-suggest Dropdown\" class=\"wp-image-261\" srcset=\"https:\/\/overlaps.co.uk\/docs\/wp-content\/uploads\/2026\/04\/config-users-add-user-search.png 400w, https:\/\/overlaps.co.uk\/docs\/wp-content\/uploads\/2026\/04\/config-users-add-user-search-300x242.png 300w\" sizes=\"auto, (max-width: 400px) 100vw, 400px\" \/><figcaption class=\"wp-element-caption\">Add a New User\/Group Auto-suggest<\/figcaption><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">Here you may also set the user or group\u2019s site-wide permissions, which consist of:<\/p>\n\n\n\n<h2 id=\"edit-settings\" class=\"wp-block-heading\">Edit Settings<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Users with this permission are <strong>full Administrators<\/strong> have permission to everything in OVERLAPS. They are the only ones who can add or remove users, grant permission to OUs, and change the various system settings.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote has-secondary-background-color has-text-color has-background has-link-color wp-elements-1b1123c61790797c55bcf21bd699ef90 is-layout-flow wp-block-quote-is-layout-flow\" style=\"color:#ffffff\">\n<p class=\"wp-block-paragraph\"><strong>Warning:<\/strong> This allows the user full access to everything in OVERLAPS, including the ability to grant access to the LAPS password of any computer in the domain, including servers, to any other domain user.<\/p>\n<\/blockquote>\n\n\n\n<h2 id=\"edit-selfservice\" class=\"wp-block-heading\">Edit Self-Service<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Users with &#8220;Edit Self-Service&#8221; permission have permission to add, edit and remove computers from another user or group&#8217;s Self-Service settings. <strong>This allows this user\/group to grant access to LAPS passwords for ALL computers, including servers.<\/strong><\/p>\n\n\n\n<h2 id=\"view-history\" class=\"wp-block-heading\">View History<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Users with the View History permission can access the History page and view a log of everything that other users are doing within OVERLAPS.<\/p>\n\n\n\n<h2 id=\"view-computer-reports\" class=\"wp-block-heading\">View Computer Reports<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">If enabled, users will be able to run Computer Reports such as retrieving a list of computers that don&#8217;t have a LAPS password.<\/p>\n\n\n\n<h2 id=\"set-a-precise-expire-date-amp-time\" class=\"wp-block-heading\">Set a Precise Expire Date &amp; Time<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">If enabled, this user\/group can specify a date and time when expiring a computer\u2019s password (instead of just expiring immediately).<\/p>\n\n\n\n<h2 id=\"allow-browsing-active-directory\" class=\"wp-block-heading\">Allow Browsing Active Directory<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">If not allowed, the user(s) is will not be able to browse Active Directory containers even if they have permission to do so. Their only means of accessing a computer that they have permission to is by searching for it.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Note that this is not required for users that don&#8217;t have OU-level permission to access computers (e.g. Self-Service users). It is only intended for situation where you want to grant access to all of the devices in one or more OUs, but only want them to access them through the Search form.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Enabling this for Self-Service-only users can cause unexpected outcomes such as showing a &#8220;permission denied&#8221; error when logging on rather than being taken directly to their owned devices.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\">Unless you have a very specific use-case for this feature, it is recommended to leave it <strong>Enabled<\/strong>.<\/p>\n<\/blockquote>\n\n\n\n<h2 id=\"allow-viewing-the-password-of-deleted-devices\" class=\"wp-block-heading\">Allow Viewing the Password of Deleted Devices<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Requires View Computer Reports permission and the Password History feature to be enabled<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">If enabled, all devices that the user has permission to read passwords for (via OU permissions) will be accessible from the Password History report. This includes devices that have been deleted from Active Directory, so it can be useful for gaining access to devices which have dropped out of the domain for one reason or another.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Note that this setting is currently only available from the Edit User Access Levels window, not from the Add User window.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>To add a user, click the New User\/Group button, a window will appear allowing you to enter the user or group\u2019s account (user) name. Start typing the username and OVERLAPS will search Active Directory for potential matches for you to select from. Here you may also set the user or group\u2019s site-wide permissions, which consist [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":63,"menu_order":100,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-245","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/overlaps.co.uk\/docs\/wp-json\/wp\/v2\/pages\/245","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/overlaps.co.uk\/docs\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/overlaps.co.uk\/docs\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/overlaps.co.uk\/docs\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/overlaps.co.uk\/docs\/wp-json\/wp\/v2\/comments?post=245"}],"version-history":[{"count":3,"href":"https:\/\/overlaps.co.uk\/docs\/wp-json\/wp\/v2\/pages\/245\/revisions"}],"predecessor-version":[{"id":269,"href":"https:\/\/overlaps.co.uk\/docs\/wp-json\/wp\/v2\/pages\/245\/revisions\/269"}],"up":[{"embeddable":true,"href":"https:\/\/overlaps.co.uk\/docs\/wp-json\/wp\/v2\/pages\/63"}],"wp:attachment":[{"href":"https:\/\/overlaps.co.uk\/docs\/wp-json\/wp\/v2\/media?parent=245"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}