To create users you need to import ms-user.ldf, one of the ldif's provided with the ADAM installer. You can do this during GUI-mode setup or after the fact (see the header of the file for sample import syntax). You need to do this w/admin cred's to the instance. That would be the admin cred's that you supplied during install, or others you add to the admin group in the config partition. I discussed what I did because you explicitly stated: > When I created a user in ADAM..... If you created the user in ADAM I would point out that you probably have imported ms-user.ldf already, knowing or unknowingly, or created your own class which is a bindable object. I can't answer your second question as there is some mixed info here. On one hand you are saying "there is no provision for creating & adding a user" but on the other you said "when I created a user in ADAM...". Once that point is cleared up I can answer your question. That is, are you creating ADAM users or Windows users? It isn't clear to me from the info provided below. ~Eric
________________________________ From: Harpreet_Kapoor [mailto:[EMAIL PROTECTED] Sent: Sun 8/15/2004 2:12 AM To: [EMAIL PROTECTED] Cc: Eric Fleischman Subject: RE: [ActiveDir] Problem in importing schema in ADAM Hi Eric, In the ADAM schema, there is no provision for creating & adding a user. Will I be able to import the schema by adding the user & giving it admin rights in CN=Configuration,CN={guid} (I got this by right clicking on ADAM ADSI Edit, selecting "Connect to..." and then selecting the "Well known naming context". In the combo box , I selected "Configuration" .) I mean, will giving admin rights to the user over cn=config,cn={guid} help me import schema into ADAM schema. There is another issue regarding this. I have created an OU under dc=abcd,dc=com. My user has admin rights over this NC. Still, I am not able to import schema into this OU. Is this issue again caused by the same reason that you stated? Thanks, Harry -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Eric Fleischman Sent: Saturday, August 14, 2004 10:04 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: [ActiveDir] Problem in importing schema in ADAM So by definition you created a user that is in an app partition. Adding them to the admin's role in that app partition does give the admin over the partition but not over the config/schema. So what you're thinking is now "oh so I just need to add them to the admin group in the config." Seemingly easy task, but in ADAM we won't allow cross-NC membership. That is, a user from NC1 can't be a member of a group in NC2. In this case that prevents the user from being in the admin group in the config. Ah hah, but wait. What if you could create a user in the config? You can. You need a post-RTM QFE package where we added this ability + need to flip a setting in the config that will allow for it, but you most certainly can turn on the ability to create users in the config. Then you can add those users to the cn=admin,cn=roles,cn=config,cn={<guid>} group and they can be admin over the config/schema as you seem to desire. If you need this package ping me offline and I'll send it to you + instructions. Please include your phone # in that ping as the system requires I enter that (incase there is some awful problem with the package found and we want to try and reach you). ~Eric ________________________________ From: [EMAIL PROTECTED] on behalf of Harpreet_Kapoor Sent: Sat 8/14/2004 7:18 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Problem in importing schema in ADAM Hi guys, I am trying to import schema into ADAM. However, I get the message that the user has insufficient access. When I created a user in ADAM,I went to CN=Roles. There I right clicked on CN=Administrator , selected Properties and added the user dn in the member attribute by selecting <ADD ADAM ACCOUNT>.Hence, I made this user the administrator. However, while trying to import the schema, I got the error code 50 or 0x32 which means Insufficient access rights. What could be wrong? Do I need to do something else also before importing the schema? Thanks, Harry List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
