Discussion:
ADAM & Replicate Directory Changes Permission
(too old to reply)
Peter Geelen
2006-04-28 09:01:02 UTC
Permalink
Linking AD to ADAM with MIIS I got an error "Replication access was denied".

How can I set the "Replicate Directory Changes" Permission to an ADAM Server?
Is this permission set with DSACLS?
Apparently setting the DSACLS Grant "General Read" and "General Write"
permission was not enough... (and I don't want do give the service account
full administrative rights...)

Thanks for you help !
--
Peter Geelen
System Engineer
Markus Vilcinskas
2006-04-28 16:25:40 UTC
Permalink
There you go:
http://support.microsoft.com/default.aspx?scid=kb;en-us;303972&Product=idser





Cheers,

Markus



///////////////////////////////////////////////////////////////////////
Markus Vilcinskas

Technical Writer
Microsoft Identity Integration Server
mailto:***@microsoft.com.NO_SPAM

This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/copyright.htm
///////////////////////////////////////////////////////////////////////
Post by Peter Geelen
Linking AD to ADAM with MIIS I got an error "Replication access was denied".
How can I set the "Replicate Directory Changes" Permission to an ADAM Server?
Is this permission set with DSACLS?
Apparently setting the DSACLS Grant "General Read" and "General Write"
permission was not enough... (and I don't want do give the service account
full administrative rights...)
Thanks for you help !
--
Peter Geelen
System Engineer
Peter Geelen
2006-05-01 16:58:02 UTC
Permalink
Thanks Markus,

but does this apply to >ADAM< AdsiEdit... (Active Directory Application Mode)?

The "Active Directory Users and Computers" snap-in is not used in ADAM.
There is no "Domain Naming Context" in ADAM, nor "Users & Computers"...
No "Security" section in the Properties setting....

It should be some kind of property of the "Configuration" partition of ADAM.
Or a combination of some permissions to the configuration partition.

If you look into the "Grant" options of DSACLS, you will not find a
"Replicate Directory" permission setting, or did I overlook it?
So where do I find it?

Thanks for your help !
--
Peter Geelen
System Engineer

www.identitymanagement.be
Post by Markus Vilcinskas
http://support.microsoft.com/default.aspx?scid=kb;en-us;303972&Product=idser
Cheers,
Markus
///////////////////////////////////////////////////////////////////////
Markus Vilcinskas
Technical Writer
Microsoft Identity Integration Server
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/copyright.htm
///////////////////////////////////////////////////////////////////////
Post by Peter Geelen
Linking AD to ADAM with MIIS I got an error "Replication access was denied".
How can I set the "Replicate Directory Changes" Permission to an ADAM Server?
Is this permission set with DSACLS?
Apparently setting the DSACLS Grant "General Read" and "General Write"
permission was not enough... (and I don't want do give the service account
full administrative rights...)
Thanks for you help !
--
Peter Geelen
System Engineer
Loading...