So by definition you created a user that is in an app partition. Adding them to the
admin's role in that app partition does give the admin over the partition but not over
the config/schema.
So what you're thinking is now "oh so I just need to add them to the admin group in
the config." Seemingly easy task, but in ADAM we won't allow cross-NC membership. That
is, a user from NC1 can't be a member of a group in NC2. In this case that prevents
the user from being in the admin group in the config.
Ah hah, but wait. What if you could create a user in the config? You can. You need a
post-RTM QFE package where we added this ability + need to flip a setting in the
config that will allow for it, but you most certainly can turn on the ability to
create users in the config. Then you can add those users to the
cn=admin,cn=roles,cn=config,cn={<guid>} group and they can be admin over the
config/schema as you seem to desire.
If you need this package ping me offline and I'll send it to you + instructions.
Please include your phone # in that ping as the system requires I enter that (incase
there is some awful problem with the package found and we want to try and reach you).
~Eric
________________________________
From: [EMAIL PROTECTED] on behalf of Harpreet_Kapoor
Sent: Sat 8/14/2004 7:18 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Problem in importing schema in ADAM
Hi guys,
I am trying to import schema into ADAM. However, I get the message that the user has
insufficient access.
When I created a user in ADAM,I went to CN=Roles.
There I right clicked on CN=Administrator , selected Properties and added the user dn
in the member attribute by selecting <ADD ADAM ACCOUNT>.Hence, I made this user the
administrator. However, while trying to import the schema, I got the error code 50 or
0x32 which means Insufficient access rights.
What could be wrong? Do I need to do something else also before importing the schema?
Thanks,
Harry
List info : http://www.activedir.org/mail_list.htm
List FAQ : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
