Re: ADAM to ADAM Sync setup

One other thing that did not look good is ADAM admin selection. If you use a
local user from the first box, then you won't be able to logon to the
instance on the second box, because it does not know anything about that
user. I wonder if this has some effect on your problem. Try choosing a
domain user as ADAM admin.

I see many people hit this "parameter is incorrect" error during account
validation. We should have put more logging in place... I'll try to improve
this in longhorn.

--
Dmitri Gavrilov
SDE, DS Admin eXperience

This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

"Lee Flight" <lef@xxxxxxxxxxxxxxx> wrote in message
news:uFekdQIGGHA.3856@xxxxxxxxxxxxxxxxxxxxxxx
> Hi
>
> a few questions:
>
> did you accept thr prompt to grant the logon as a service right
> to the domain account you are using?
>
> is there a firewall between the servers?
>
> on the second ADAM instance on the Joining a Configuration Set
> page of the wizard did you specify the fully-qualified DNS name
> of the source server as opposed to say, the IP address? Can the
> second server resolve the DNS name of the source server exactly
> as you typed it into the wizard on the Joining a Configuration Set
> page?
>
>
> Thanks
> Lee Flight
>
>
> "Bruce" <besmith2@xxxxxxxxxxx> wrote in message
> news:1137169299.236129.74060@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
>> Step 1: I create the first AD/AM instance and I set the "service
>> account selection" to a domain user mydomain\AdamServiceAdmin.
>>
>> Step 2: I set the adam administrator to a local account
>> vmdotnet1\adamAdmin.
>>
>> The first instance creates successfully so I import the new schema
>> ldif's and a few users.
>>
>>
>> Step 3: Then I create the second AD/AM instance on a different box. I
>> choose replica. Now I get to the "Administrative Credentials for the
>> Configuration set" I put in the local user created on the first box
>> vmdotnet1\adamAdmin.
>>
>> Step 4: I choose my partition. Then on the "Service Account Selection"
>> I try to use the domain user mydomain\AdamServiceAdmin and it fails
>> with:
>>
>> The service account for this instance of ADAM cannot be used with the
>> selected configuration set. The account failed validation with the
>> following errror:
>> Error 0x80070057
>> The parameter is incorrect.
>>
>> Select a different service account, and then try again.....
>>
>> Please help.
>> Both machines are in the same domain.
>>
>
>


.

Relevant Pages

  • Re: ADAM SP1 on Win2K3 SP1
    ... Assuming SSL on ADAM is working fine and i want to use antoher domain user account as the ADAM service account. ... Do i only need to grant that account READ permission to machine keys and use dsdbutil to change the ADAM service account? ...
    (microsoft.public.windows.server.active_directory)
  • Re: ADAM SP1 on Win2K3 SP1
    ... ADAM Instance event log? ... MachineKeys folder to the domain user. ... want to use antoher domain user account as the ADAM service account. ...
    (microsoft.public.windows.server.active_directory)
  • Re: ADAM to ADAM Sync
    ... they need to in order to replicate), then you need to run them under domain ... > account selection" to a domain user mydomain\AdamServiceAdmin. ... > Configuration set" I put in the local user created on the first box ...
    (microsoft.public.windows.server.active_directory)
  • Re: ADAM Replication Service Account
    ... when you specified the configuration set to join did you specify the ... source instance by a resolvable name and not ... Search for "Selecting an ADAM service account" in the ADAM Help file. ...
    (microsoft.public.windows.server.active_directory)
  • Re: ADAM to ADAM Sync setup
    ... of the source server as opposed to say, ... as you typed it into the wizard on the Joining a Configuration Set ... > account selection" to a domain user mydomain\AdamServiceAdmin. ...
    (microsoft.public.windows.server.active_directory)