I have a sql admin who is not a domain admin and when he selects a new login for sql 2000 using the domain lookup it tells him he has no permission and can't see any user in active directory. He does have active directory users and computers on his desktop and can see them all there. Any suggestions' He is a local admin on the sql server box and can see local users.I would think you can't enumerate users and groups in
Active Directory unless you are given specific rights. I
know this is true for Open LDAP and IBM SecureWay bases
directory services. Ask him to enter NET USERS /DOMAIN
command on DOS command prompt and see if it lists all
users in the Domain. I would suggest you to post this
question to windows 2000 group, or ask your network admin.
This isn't a sql issue, if he is local admin then more
likely he has DBA privileges in server.
>--Original Message--
>I have a sql admin who is not a domain admin and when he
selects a new login for sql 2000 using the domain lookup
it tells him he has no permission and can't see any user
in active directory. He does have active directory users
and computers on his desktop and can see them all there.
Any suggestions' He is a local admin on the sql
server box and can see local users.
>.
>
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment