What is interesting is these accounts are a member of Domain Administrator.
Also the permissions didn't propagate down to the child objects that are in the Domain Administrator group. They propagated down to other objects child user objects though in the users container. I went in an manually added the permissions to one of the accounts, and the LDAP write operation still fails. Does anyone know if this is by design via the LDAP interface? They developer isn't using ADSI. Thanks, Todd Myrick List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
