Announcement

Collapse
No announcement yet.

Puzzleing LDAP/AD issue

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Puzzleing LDAP/AD issue

    It ran into this issue and for a temp work around but not sure what is causing it.


    NOS: Win2k3 R2 SBS

    Using LDAP Terra software I am able to connect to the LDAP Schema remotely with the principal name as "administrator". Yet when i try with another account which was a copy of administrator and call "Testadmin" I was NOT able to connect to the LDAP schema unless I made the principal name as [email protected]l.

    Where i am lost is; both accounts have all the same privaliges with-in AD, and the "administrator" account does NOT need the long Principal name format([email protected]) and the Testadmin account DOES need the long principal name.


    Hope someone is able to shed some light as i am baffled on where to start.

    Thanks to all who are able to provide some insite and fixes

  • #2
    Re: Puzzleing LDAP/AD issue

    We have found that SBS 2003 doesn't like having multiple domain admins, nor does it like it when user accounts are copied rather than being created from scratch.

    I would recommend that you create a new user account with the required permissions and test it using that account. If that doesn't help, then until your research suggests an alternative explanation, I would be resigned to blaming this on a quirk.

    For reference, we have found issues when logged in as domain admins other than the default 500 Administrator, including but not limited to:

    - other admin accounts seeing a very limited view of the directory in ADUC
    - other admin accounts being prevented from running executables
    - other admin accounts experiencing bizarre permissions issues which are easily worked around - the permissions themselves are fine

    We never really looked into the problems that much but we are confident that they were not caused by problems with our configuration.
    Gareth Howells

    BSc (Hons), MBCS, MCP, MCDST, ICCE

    Any advice is given in good faith and without warranty.

    Please give reputation points if somebody has helped you.

    "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

    "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.

    Comment


    • #3
      Re: Puzzleing LDAP/AD issue

      Thanks gforce for the reply and your input.

      Tried what u had suggested and the problem is still the same.

      tried my same setup on a not R2 server but it is a Win2k3 SBS box and it worked with out the full principal name.

      Very odd issue...Seems to be a bug/qwerk indeed.

      Comment


      • #4
        Re: Puzzleing LDAP/AD issue

        In that case it's not down to a quirk of SBS. Could be a bug, but IMO more likely to be an issue with your configuration.
        Gareth Howells

        BSc (Hons), MBCS, MCP, MCDST, ICCE

        Any advice is given in good faith and without warranty.

        Please give reputation points if somebody has helped you.

        "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

        "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.

        Comment

        Working...
        X