Re: ADAM : Install using Domain users as Admin rights issue

From: Dmitri Gavrilov [MSFT] (dmitrig_at_online.microsoft.com)
Date: 02/18/04


Date: Tue, 17 Feb 2004 22:27:40 -0800

If you create a partition on the 2nd instance after installing the 2nd
instance, then by default this partition is only hosted by the 2nd instance.
If you attempt to read this partition from the 1st instance, it will
generate a referral. LDAP clients can be configured to chase referrals. But
I don't know if you can make ADSIEdit do this.

You can modify the set of instances where the partition is hosted using
the dsmgmt.exe utility in the windir\ADAM folder. This is described in the help.

-- 
Dmitri Gavrilov
SDE, Active Directory Core
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
"Eoin Mooney" <anonymous@discussions.microsoft.com> wrote in message
news:1166701c3f539$382e5f50$a001280a@phx.gbl...
> See inline , it seems we have it sussed apart from a few
> issues [ cannot use ADSIedit to access the partition
> created in the 2nd instance of ADAM - A referral from the
> server error] , but this may be the account used when
> setting up the instance [Domain user]
>
>
> >-----Original Message-----
> >I may be confusing what you're saying, but that looks
> like your installation
> >can't succeed because the context of the installation
> account is not allowed
> >to modify the registry.  Is that what you're saying?
>
> After further investigation [and eventually finding
> someone who knows Domain setups] it was a combination of
> DNS settings and user privileges you mention.
>
>   Are you also saying
> >that you've tried both a domain users account and a local
> account for
> >installation?
>
> Domain for both
>
> Or did you just put the domain user group in the local
> >administrators group?
>
> See above and I also tried a mixture of domain and local
> with mixed results
> >
> >
> >Have you tried using a different group for rights other
> than domain users?
>
> I thought the replicator and admin groups and run as
> service would be the correct way to go.
>
> >Domain users would not be a good idea and you may be
> running into problems
> >because of it.  It's a special group and may cause some
> issues, right?
> >
> >How about trying it with a user in the domain that has
> administrative rights
>
> Did that already .
> >(domain admin account if this is a test domain)?  Same
> results?
>
> What about
> >a user that is in the local server admins?  Same result?
> >
> >Al
> >
> >
> >"Eoin Mooney" <eoin.mooney@nortelnetworks.com> wrote in
> message
> >news:10ce201c3f477$3936bcc0$a001280a@phx.gbl...
> >> Hi,
> >>
> >> I am trying to write up a procedure [as well as getting
> >> ADAM to replicate] for our product that uses ADAM .
> >>
> >> Our test set-up is
> >>
> >> Win 2000 Server Domain
> >> Win 2003 member server with ADAM.
> >>
> >> Installing ADAM steps
> >>
> >> 1st instance setup :  Unique
> >>
> >> Service Account Selection :
> >> Domain Users with Run As service set and part of the
> >> replicator group [as well as the Admin group]
> >>
> >> Admin Administrators
> >>
> >> I have tried both :
> >> Same as Service Account [as recommended]
> >> Administrators group [first on the Win2003 machine and
> >> then on the Domain server]
> >>
> >> But I believe the problem that I am encountering is to
> do
> >> with the Service Account selection. I get the following
> >> error
> >>
> >> The wizard could not access the registry
> >> Error Code : 0x8007054b
> >> The specified domain either does not exist or could not
> be
> >> contacted.
> >>
> >> Now I will put my hand up and say I am not a n/w or
> domain
> >> setup expert but as far as we can see the domain
> >> controller "seems" setup with the correct Wins and DNS
> and
> >> users with the appropriate permissions .
> >>
> >> I am unsure where to post this problem because I don't
> know
> >> what it is ADAM or Setup [n/w]
> >>
> >> Does Win 2003 member server need additional settings on
> it?
> >> Are there special considerations to consider when
> setting
> >> up replication in a Domain.
> >>
> >> Also
> >> Is it absolutely necessary to have the service account
> and
> >> the Admin account the same during setup ? I know you can
> >> add groups later on but I would prefer to avoid this
> extra
> >> step .
> >>
> >>
> >> Regards
> >>
> >> Eoin
> >>
> >
> >
> >.
> >
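
The referral behaviour described in the reply at the top of this message, as an added example that is not part of the original thread: a PowerShell function that reads a partition through the 1st instance and either reports the referral or chases it. The server name, port and partition DN are placeholders, and the function name is hypothetical.

```powershell
# Added example. Server name, port and partition DN are placeholders.
Add-Type -AssemblyName System.DirectoryServices.Protocols

function Test-AdamReferral {
    param(
        [string]$Server = 'adam1.example.test',          # placeholder: 1st instance
        [int]$Port      = 50000,                         # placeholder LDAP port
        [string]$BaseDn = 'CN=App2,DC=example,DC=test',  # placeholder partition DN
        [switch]$ChaseReferrals
    )
    $id   = New-Object System.DirectoryServices.Protocols.LdapDirectoryIdentifier -ArgumentList $Server, $Port
    $conn = New-Object System.DirectoryServices.Protocols.LdapConnection -ArgumentList $id
    $conn.AuthType = [System.DirectoryServices.Protocols.AuthType]::Negotiate
    $conn.SessionOptions.ProtocolVersion = 3

    # None: the server's referral comes back to the caller as an error.
    # All:  the client library follows the referral to the hosting instance.
    $conn.SessionOptions.ReferralChasing = if ($ChaseReferrals) {
        [System.DirectoryServices.Protocols.ReferralChasingOptions]::All
    } else {
        [System.DirectoryServices.Protocols.ReferralChasingOptions]::None
    }

    try {
        $conn.Bind()   # binds as the currently logged-on user
        $req = New-Object System.DirectoryServices.Protocols.SearchRequest -ArgumentList `
            $BaseDn, '(objectClass=*)',
            ([System.DirectoryServices.Protocols.SearchScope]::Base),
            ([string[]]@('distinguishedName'))
        $resp = [System.DirectoryServices.Protocols.SearchResponse]$conn.SendRequest($req)
        foreach ($entry in $resp.Entries) { "Found: $($entry.DistinguishedName)" }
    }
    catch {
        # PowerShell may wrap the .NET exception; unwrap to the original one.
        $ex = $_.Exception.GetBaseException()
        $isReferral = $ex -is [System.DirectoryServices.Protocols.DirectoryOperationException] -and
            $ex.Response -and
            $ex.Response.ResultCode -eq [System.DirectoryServices.Protocols.ResultCode]::Referral
        if (-not $isReferral) { throw }
        # The referral URIs name the instance that actually hosts the partition.
        foreach ($uri in $ex.Response.Referral) { "Referral to: $($uri.AbsoluteUri)" }
    }
    finally {
        $conn.Dispose()
    }
}
```

Run it without -ChaseReferrals first to see which instance the referral names, then with the switch to read the partition through the 1st instance. With chasing enabled the client connects to whichever host the referral names, so check the returned URIs before turning it on.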

