Re: IAS only authenticates Domain Admins, not normal users

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

Is it normal to have to manipulate the permission within the ADOs in
order to make IAS work properly? The only possibly-non-standard thing
we've done is to group the users into different parent ADOs -- but
they are still 'users', and have no problem authenticating locally or
via IIS.

Which AD objects must they be able to read?

Thanks,
Matt

"Pheylan" <Pheylan@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:44DF95E0-64D4-4014-9DD2-555F5697C6AD@xxxxxxxxxxxxxxxx
> I'm not sure how to word this so that it makes sense, but I'll give
> it my
> best shot. Users have to have permission to read certain parts of
> the AD
> structure to even be able to authenticate. If you are using a
> non-standard
> OU, you may have to deal with this.


.