I have a Windows 2003 (SP1) ADAM server. This server joins a Windows 2000 (SP4) domain.
I imported the ms-userproxy.ldf file while I installed my ADAM instance. I
created a user by selecting "userProxy" class and enter a SID of a Windows
user - I copied the SID value (0x01 0x05 ...) from my ADSI editor of my
Windows AD to the create user dialog.
Then I tried a LDAP simple bind to this proxy object with the Windows user's
password. I expect the bind would be redirected to AD. But I always got
error 49 [Invalid Credentials]. Is there anything missing in my setup?
BTW, I tried to search if there are discussions of proxy object in this news
group. But even I tried to search all messages after 1/1/2004 I can only
get messages sent in the last few days. How do I fix this problem?
Re: Proxy object in ADAM ... you do not say what application you are using to test the simple bind.... userproxy in the ADAM instance in the bind credentials?... > created a user by selecting "userProxy" class and enter a SID of a Windows... > Then I tried a LDAP simple bind to this proxy object with the Windows user's ... (microsoft.public.windows.server.active_directory)
Re: AD and Expired Password Checking and how to test? ... Directory: Windows 2000 ... Using server: ctstepdown.whatever.com:389 ... So then, now I'm still puzzled why, when I set the system clock to 10/11/06, I get "Invalid credential" when I try to do a bind, using either a simple bind or SSPI bind. ... adfind -sc u:username pwdlastset -tdcs ... (microsoft.public.windows.server.active_directory)
Re: AD and Expired Password Checking and how to test? ... Doh, sorry my bad, I should have checked, pwdlastset isn't in the GC in the default schema and I assumed it was because my test forest had that changed. ...Joe Richards Microsoft MVP Windows Server Directory Services... So then, now I'm still puzzled why, when I set the system clock to 10/11/06, I get "Invalid credential" when I try to do a bind, using either a simple bind or SSPI bind. ... Is it possible that AD expires passwords for LDAP binds EARLIER than it expires something like an SSPI or Windows bind? ... (microsoft.public.windows.server.active_directory)
Re: Advice - solution for a company server ... For an AD domain there is no advantage in cost to use Bind and it would ...Windows DNS, particularly ... for Windows 2003, has shown to be very robust. ...Bind can not use Active ... (microsoft.public.security)
Re: Update schema in ADAM from aremote machine ... The easiest solution is to use secure bind and bind as a windows principal... If you create an ADAM user in config partition, and add him to config admins ... (microsoft.public.windows.server.active_directory)
