Checked from XP SP2 and W2K3 server. schmmgmt.dll version is 5.2.3790.0. I did notice that when I look at perms at the root of the schema mgt snap in (on the DC), only system has full control. Schema admins have a subset. Could explain why ADMOD will do it but the snap-in won't. I have no intention of changing schema perms to allow full access through a GUI by humans. :-)
********************** Charlie Kaiser MCSE, CCNA Systems Engineer Essex Credit / Brickwalk 510 595 5083 ********************** > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond > Sent: Tuesday, March 08, 2005 7:52 PM > To: [email protected] > Subject: RE: [ActiveDir] Ad users and Computers > > Odd. What OS were you running this on & what version of the tools? > > Thanks. > > --Brian Desmond > [EMAIL PROTECTED] > Payton on the web! www.wpcp.org > > v - 773.534.0034 x135 > f - 773.534.8101 > c - 312.731.3132 > > > > -----Original Message----- > > From: [EMAIL PROTECTED] [mailto:ActiveDir- > > [EMAIL PROTECTED] On Behalf Of Charlie Kaiser > > Sent: Tuesday, March 08, 2005 8:57 AM > > To: [email protected] > > Subject: RE: [ActiveDir] Ad users and Computers > > > > I looked at that on mine (I usually stay away from the > schema snap-in > > <G>) and saw the box, but it was greyed out. Other > attributes, such as > > street, had the box checked but still greyed out. Yet others had the > box > > not greyed out at all. > > I wonder what the criteria are for making that box available? I was > > checking with schema admin perms... > > > > ********************** > > Charlie Kaiser > > MCSE, CCNA > > Systems Engineer > > Essex Credit / Brickwalk > > 510 595 5083 > > ********************** > > > > > > > -----Original Message----- > > > From: [EMAIL PROTECTED] > > > [mailto:[EMAIL PROTECTED] On Behalf Of Brian > Desmond > > > Sent: Monday, March 07, 2005 4:59 PM > > > To: [email protected] > > > Subject: RE: [ActiveDir] Ad users and Computers > > > > > > If you use the schema management snap-in instead to do this, > > > there's a cehckbox to copy the attribute. Perhaps a bit less > > > dangerous than tinkering in adsiedit: > > > > > > Start>run>regsvr32 schmmgmt.dll > > > start>run>schmmgmt.msc > > > > > > Browse down to the streetAddress attribute, there's a > > > checkbox on the bottom of one of the property page that says > > > somethign to the tune of "Copy this attribute in ADUC". > > > > > > --Brian > > > > > > --Brian Desmond > > > [EMAIL PROTECTED] > > > Payton on the web! www.wpcp.org > > > > > > v - 773.534.0034 x135 > > > f - 773.534.8101 > > > > > > ________________________________ > > > > > > From: [EMAIL PROTECTED] on behalf of Sakari Kouti > > > Sent: Mon 3/7/2005 6:03 PM > > > To: [email protected] > > > Subject: RE: [ActiveDir] Ad users and Computers > > > > > > > > > > > > Hi Christine, > > > > > > My guess is that Microsoft accidentally flagged a wrong > > > attribute to be copied when a user is copied. The "Street" > > > attribute you see in ADUC is stored in the "streetAddress" > > > attribute (which is an LDAP name), and that attribute is not > > > copied. However, another attribute with an LDAP name is > > > "street" is copied. It is not visible in ADUC and normally > > > you don't use it for anything. > > > > > > Some other attributes that might be logical to copy are (as a > > > matter of taste): > > > > > > - General tab: Office > > > - Telephones tab: Fax > > > > > > And now for the practical part: > > > > > > To specify the correct Street attribute to be copied: > > > > > > - Log on as a Schema Admin > > > > > > - Enable schema modifications. If you know how to use > > > RegEdt32, start it and select the HKEY_LOCAL_MACHINE window. > > > Next, locate the key > > > SYSTEM-CurrentControlSet-Services-NTDS-Parameters. Under that > > > key, add a value (if it doesn't exist already) named Schema > > > Update Allowed, with a data type REG_DWORD and data "1" > > > (without quotes). If the value already exists, change the > > > data to "1". When you later disable schema changes, either > > > change the data to "0" or remove the whole value (i.e., the > > > parameter line). > > > > > > - Start ADSI Edit which is part of the Server support tools > > > (adsiedit.msc) > > > > > > - Locate the Schema container > > > > > > - Locate the object CN=Address > > > > > > - Open it and modify its searchFlags from 0 to 16, and save > > > > > > - Disable schema modifications (see above) > > > > > > Then you may have to wait five minutes for the schema cache > > > to refresh (I don't go into triggering it here). And you > > > probably need to restart ADUC, but after that the Street > > > attribute should get copied. > > > > > > Yours, Sakari > > > > > > PS. If you do something wrong here, at most you need to > > > reinstall your forest, so don't worry :-) > > > > > > PPS. Schema modifications don't need to be enabled/disabled on > WS2003. > > > > > > > -----Original Message----- > > > > From: [EMAIL PROTECTED] > > > > [mailto:[EMAIL PROTECTED] On Behalf Of > > > > Christine Allen > > > > Sent: Monday, March 07, 2005 9:42 PM > > > > To: '[email protected]' > > > > Subject: [ActiveDir] Ad users and Computers > > > > > > > > > > > > Running AD 2000, > > > > > > > > I'm creating templates for user creation for the help desk. > > > > However, when > > > > they copy the template it does not copy all the field > > > information like > > > > address. It copies city and state, but not street address. > > > > > > > > Does anyone know why it will copy come fields, but not all? > > > > > > > > > > > > -Christine > > > > List info : http://www.activedir.org/List.aspx > > > > List FAQ : http://www.activedir.org/ListFAQ.aspx > > > > List archive: > > > > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > > > > > List info : http://www.activedir.org/List.aspx > > > List FAQ : http://www.activedir.org/ListFAQ.aspx > > > List archive: > > > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > > > > > > > > > List info : http://www.activedir.org/List.aspx > > List FAQ : http://www.activedir.org/ListFAQ.aspx > > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
