About Creating the Application User in the Directory

Depending on your authentication and registration strategies, and the options that you implement for your deployment, you must define a user, called the application user, in the directory.

The application user is the only user who can read or write user information in the directory. Therefore, it is critical that the application user has appropriate search and write privileges to the directory. For information on creating the application user, see Configuring the Application User.