Author
14 Nov 2006 5:39 AM
Gibraltar
Hello,
I have installed an ADAM instance on a member server of an Active Directory
Domain. However, when I try to add a local machine user or a domain user to
the 'Readers' group in ADAM, when I click apply, it gives me an error "A
directory service error has occurred" and doesn't allow me to add the
local/domain users. However, I am able to add the ADAM users to the readers
group comfortably. Any idea why this is happening? Your valuable inputs are
appreciated.

Thanks,
Gib

Author
14 Nov 2006 3:23 PM
Joe Kaplan
I assume you are trying to use ADSI Edit to do this, right?  I actually
don't use ADSI Edit, just ldp.exe, but I can tell you how to add Windows
principals to ADAM groups that way.  Just edit the member attribute and use
the SID DN syntax.  For example, you can add the Windows built-in
Authenticated Users SID to the readers role with:

<SID=S-1-5-11>

You can put any built-in, domain or local machine in and ADAM will
automatically create the appropriate foreign security principal.  AD does
that too, btw.

HTH,

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
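The same operation done from PowerShell through System.DirectoryServices rather than ldp.exe, as an added example (this is not code from the thread or from either Joe's book). It writes the `<SID=...>` form into the group's member attribute, lets ADAM create the foreign security principal, and reads the result back. The host name `adamhost`, port `50000` and the account `CONTOSO\alice` are placeholders; the partition `CN=addressbook` is borrowed from the dsacls output later in the thread.

```powershell
# Added example, not from the original thread. Adds Windows principals to an
# ADAM role by writing the <SID=...> DN form into "member", then shows the
# foreign security principal (FSP) that ADAM created for each one.
# Assumptions (placeholders): ADAM on adamhost, LDAP port 50000, application
# partition CN=addressbook, caller holds the ADAM Administrators role.
Add-Type -AssemblyName System.DirectoryServices

$AdamHost  = 'adamhost'
$AdamPort  = 50000
$Partition = 'CN=addressbook'
$Base      = "LDAP://${AdamHost}:${AdamPort}"

function Add-AdamRoleMemberBySid {
    param(
        [Parameter(Mandatory=$true)][string]$GroupDn,  # e.g. CN=Readers,CN=Roles,CN=addressbook
        [Parameter(Mandatory=$true)][string]$Sid       # e.g. S-1-5-11 (Authenticated Users)
    )
    $group = New-Object System.DirectoryServices.DirectoryEntry("$Base/$GroupDn")
    # The server, not the client, resolves <SID=...>: if no object with that
    # objectSid exists in the partition, ADAM creates one under
    # CN=ForeignSecurityPrincipals and links "member" to it. Only SIDs work
    # here; a domain DN such as CN=alice,DC=contoso,DC=com is unknown to ADAM.
    [void]$group.Properties['member'].Add("<SID=$Sid>")
    $group.CommitChanges()
    $group.RefreshCache(@('member'))
    # Return the DNs the server actually stored (FSP DNs for Windows principals).
    return @($group.Properties['member'] | ForEach-Object { "$_" })
}

function Resolve-WindowsSid {
    # Friendly name -> SID: the step the object picker in ADSI Edit performs.
    # Doing it separately splits name-resolution failures (DNS, trust, typo)
    # from errors raised by ADAM itself.
    param([Parameter(Mandatory=$true)][string]$Account)   # DOMAIN\user or MACHINE\user
    $nt = New-Object System.Security.Principal.NTAccount($Account)
    return $nt.Translate([System.Security.Principal.SecurityIdentifier]).Value
}

$readers = "CN=Readers,CN=Roles,$Partition"

# 1. Well-known SID: no name resolution involved at all.
Add-AdamRoleMemberBySid -GroupDn $readers -Sid 'S-1-5-11' | Out-Null

# 2. A domain user (CONTOSO\alice is a placeholder): resolve first, then add.
$aliceSid = Resolve-WindowsSid 'CONTOSO\alice'
$members  = Add-AdamRoleMemberBySid -GroupDn $readers -Sid $aliceSid

# 3. Show what ADAM created. An FSP's cn is the SID string and its objectSid
#    is the binary SID, so the two columns printed here should agree.
foreach ($dn in ($members | Where-Object { $_ -like '*CN=ForeignSecurityPrincipals,*' })) {
    $fsp = New-Object System.DirectoryServices.DirectoryEntry("$Base/$dn")
    $raw = [byte[]]$fsp.Properties['objectSid'].Value
    $sid = New-Object System.Security.Principal.SecurityIdentifier($raw, 0)
    '{0,-64} objectSid={1}' -f $dn, $sid.Value
}
```

Two caveats. Adding a SID that is already a member fails with an attribute-or-value-exists error rather than being ignored, so check the current member list before re-running. And because the FSP is created by the server at write time, a failure at `CommitChanges()` with an operations error points at the partition (its ForeignSecurityPrincipals container or the rights on it), not at the client's name resolution, which already succeeded in `Resolve-WindowsSid`.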

Author
15 Nov 2006 3:14 AM
Gibraltar
Thanks Joe but I get the same error when I try through ldap too.
I right clicked on Roles and clicked on Modify. In the Edit,
I put Attribute as Member and the values: <SID=S-1-5-11> as you advised but
it gives the following error.
Error:Modify:Operations Error.<1>
Server Error:00002095:SvcErr:DSID-032A08FC,problem 5012(DIR_ERROR),data 61

Error 0x2095 A Directory service error has occurred.

Please help me.


Author
15 Nov 2006 3:29 AM
Joe Kaplan
Did you try that on the roles container or one of the group objects in the
container like Readers?

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
Author
15 Nov 2006 4:10 AM
Gibraltar
Sorry Joe, I did it on Readers group inside the roles container.
I get the same error even if I try adding a domain user account. I am only
able to add ADAM user accounts but not any other domain/machine accounts.

What might be the reason? Everything else is fine.

Thanks,
Gib

Author
15 Nov 2006 3:52 PM
Joe Kaplan
I'd try to follow Joe Richards' advice then.  I've never seen this behavior
and don't know what to suggest.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
Author
15 Nov 2006 4:14 AM
Joe Richards [MVP]
Is this ADAM R2 or SP1 or V1.0?

If R2/SP1:

  o Look at the NC head specifically at the wellKnownObjects, verify
that the cn=foreignSecurityPrincipals,<NC DN> entry is there

  o Check to see if the actual FSP container exists.

  o Verify ACL on FSP container

  o Try to add <SID=S-1-1-0>.

ACL should look something like

G:\>dsacls \\sfmxp32\CN=ForeignSecurityPrincipals,CN=addressbook
Access list:
Effective Permissions on this object are:
Allow S-1-381125554-2027555741-514  SPECIAL ACCESS
                                     READ PERMISSONS
                                     LIST CONTENTS
                                     READ PROPERTY
                                     LIST OBJECT
Allow S-1-381125554-2027555741-512  FULL CONTROL
Allow S-1-381125554-2027555741-514  SPECIAL ACCESS   <Inherited from parent>
                                     READ PERMISSONS
                                     LIST CONTENTS
                                     READ PROPERTY
                                     LIST OBJECT
Allow S-1-381125554-2027555741-512  FULL CONTROL   <Inherited from parent>

Permissions inherited to subobjects are:
Inherited to all subobjects
Allow S-1-381125554-2027555741-514  SPECIAL ACCESS
                                     READ PERMISSONS
                                     LIST CONTENTS
                                     READ PROPERTY
                                     LIST OBJECT
Allow S-1-381125554-2027555741-512  FULL CONTROL
Allow S-1-381125554-2027555741-514  SPECIAL ACCESS   <Inherited from parent>
                                     READ PERMISSONS
                                     LIST CONTENTS
                                     READ PROPERTY
                                     LIST OBJECT
Allow S-1-381125554-2027555741-512  FULL CONTROL   <Inherited from parent>

The command completed successfully

    joe

--
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
www.joeware.net

---O'Reilly Active Directory Third Edition now available---
         http://www.joeware.net/win/ad3e.htm

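The checklist above, run from PowerShell instead of ldp.exe and dsacls, as an added example that is not part of the thread. It reads wellKnownObjects on the NC head, confirms the ForeignSecurityPrincipals container exists, dumps the container's ACL in the same shape as the dsacls output, and attempts the `<SID=S-1-1-0>` add while surfacing ADAM's extended error text. Assumptions: host `adamhost` and port `50000` are placeholders, the partition `CN=addressbook` comes from the dsacls output above, and the well-known-object GUID `22b70c67d56e4efb91e9300fca3dc1aa` is the one Active Directory uses for its FSP container and is assumed to be the same constant in ADAM.

```powershell
# Added example, not from the original thread: the four checks from the post
# above against an ADAM partition. Assumptions (placeholders): adamhost:50000,
# partition CN=addressbook, and the FSP well-known-object GUID below, which is
# AD's value and is assumed to be what ADAM writes into wellKnownObjects too.
Add-Type -AssemblyName System.DirectoryServices

$Base      = 'LDAP://adamhost:50000'
$Partition = 'CN=addressbook'
$FspGuid   = '22b70c67d56e4efb91e9300fca3dc1aa'

function Get-WellKnownObjects {
    # wellKnownObjects is DN-Binary; a search returns each value as the
    # string "B:32:<32 hex chars>:<DN>", which is parsed here.
    param([Parameter(Mandatory=$true)][string]$NcDn)
    $root = New-Object System.DirectoryServices.DirectoryEntry("$Base/$NcDn")
    $s = New-Object System.DirectoryServices.DirectorySearcher($root, '(objectClass=*)', @('wellKnownObjects'))
    $s.SearchScope = 'Base'
    $entry = $s.FindOne()
    foreach ($v in $entry.Properties['wellknownobjects']) {
        if ("$v" -match '^B:32:([0-9A-Fa-f]{32}):(.+)$') {
            New-Object PSObject -Property @{ Guid = $Matches[1].ToLower(); Dn = $Matches[2] }
        }
    }
}

# 1. NC head: is the FSP container registered in wellKnownObjects?
$wko      = Get-WellKnownObjects -NcDn $Partition
$fspEntry = $wko | Where-Object { $_.Guid -eq $FspGuid }
if ($fspEntry) { "wellKnownObjects FSP entry -> $($fspEntry.Dn)" }
else           { "MISSING: no FSP entry ($FspGuid) in wellKnownObjects of $Partition" }

# 2. Does the container object itself exist where the entry (or the default
#    location) says it should?
$fspDn  = if ($fspEntry) { $fspEntry.Dn } else { "CN=ForeignSecurityPrincipals,$Partition" }
$exists = [System.DirectoryServices.DirectoryEntry]::Exists("$Base/$fspDn")
"container $fspDn exists: $exists"

# 3. ACL on the container. ADAM role SIDs (S-1-381125554-...-512/514 in the
#    dsacls output) have no account names, so keep identities as raw SIDs
#    instead of translating them to NTAccount, which would throw.
if ($exists) {
    $fsp   = New-Object System.DirectoryServices.DirectoryEntry("$Base/$fspDn")
    $rules = $fsp.ObjectSecurity.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
    foreach ($r in $rules) {
        '{0,-5} {1,-40} {2,-45} inherited={3}' -f $r.AccessControlType, $r.IdentityReference, $r.ActiveDirectoryRights, $r.IsInherited
    }
}

# 4. Try adding Everyone (S-1-1-0) to Readers. On failure, print the server's
#    extended error (the "00002095: SvcErr: DSID-..." text) rather than only
#    the generic "A directory service error has occurred" message.
$readers = New-Object System.DirectoryServices.DirectoryEntry("$Base/CN=Readers,CN=Roles,$Partition")
try {
    [void]$readers.Properties['member'].Add('<SID=S-1-1-0>')
    $readers.CommitChanges()
    'added <SID=S-1-1-0> to Readers'
} catch [System.Runtime.InteropServices.COMException] {
    $e = $_.Exception
    'add failed: HRESULT 0x{0:X8} {1}' -f $e.ErrorCode, $e.Message
    if ($e -is [System.DirectoryServices.DirectoryServicesCOMException]) {
        'extended error {0}: {1}' -f $e.ExtendedError, $e.ExtendedErrorMessage
    }
}
```

Read the output in order: a missing wellKnownObjects entry or a missing container means ADAM has nowhere to create the FSP and the member write cannot succeed; a container that exists but lacks a FULL CONTROL entry for the Administrators role SID (the `...-512` entry in the dsacls listing) points at the ACL; and if steps 1 to 3 all look right, the extended error from step 4 is what to take to the next round of troubleshooting.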
Author
14 Nov 2006 6:35 PM
Paul Williams [MVP]
Sounds like a DNS problem with that workstation.  The friendly name that you
get from the object picker must be resolved to a SID.  Bad DNS will cause
that to fail.  It could be other things too, but without an error code it's
hard to say.  Try Joe's tip.  If that also fails, it's likely DNS.

--
Paul Williams
Microsoft MVP - Windows Server - Directory Services
http://www.msresource.net http://forums.msresource.net
