Microsoft KB Archive/322268

= &quot;65 = 'Object Class Violation' for Operation on Objects&quot; Error When You Use ADMA to Manage Objects =

Article ID: 322268

Article Last Modified on 10/30/2006

-

APPLIES TO


 * Microsoft Metadirectory Services 2.2 Service Pack 1
 * Microsoft Metadirectory Services 2.2 Service Pack 1

-



This article was previously published under Q322268



SYMPTOMS
When you use the Active Directory Management Agent (ADMA) to manage objects in an AD forest, the following error is reported in the Dslib.log file:

ERR_00 05d8 02/04/05 10:11:15.100 (AD-MA_dataFlowFromMdToAd) AD returned 65 = 'Object Class Violation' for operation on object CN=Doe\, JOHN,OU=Primary Group,DC=dstest,DC=com



CAUSE
This problem occurs because an attribute that is specified in an ADD request or MODIFY request is not being associated with the current object class. For example, in the default AD schema, attempts to add the EmployeeNumber attribute to an object of class user result in this error. However, attempts to add the EmployeeID attribute are successful.



RESOLUTION
To modify the object class user to accept EmployeeNumber as a valid attribute, use the Active Directory Schema snap-in.

To do this, follow these steps.

NOTE: You can also use the same technique to modify any other attribute-object class pair.

NOTE: Both the currently logged in user and the Schema master domain controller must be able to modify the schema.

Install the Active Directory Schema Snap-in

 * 1) Log on as an administrator.
 * 2) Insert the Windows 2000 Server CD into your CD drive, and then click Browse this CD.
 * 3) Double-click the I386 folder, double-click Adminpak, and then follow the instructions that are displayed in the Windows 2000 Administration Tools Setup Wizard.
 * 4) Click Start, click Run, type mmc /a, and then click OK.
 * 5) Click Add/Remove Snap-in on the Console menu, and then click Add.
 * 6) Under Snap-in, double-click Active Directory Schema, and then click Close.
 * 7) If you have no more snap-ins to add to the console, click OK.
 * 8) To save this console, click Save on the Console menu.
 * 9) Type Schema Manager in the File name box, and then click Save.

Modify the Schema

 * 1) Log on to Active Directory as a member of the Schema Admins group.
 * 2) Start the Schema snap-in: click Start, point to Programs, and then click Administrative Tools.
 * 3) On the Tree tab in the left window, expand the Active Directory Schema node.
 * 4) Open the Classes node.
 * 5) Scroll down the (alphabetically sorted) list to user.
 * 6) Right-click the user object, and then click Properties on the shortcut menu.
 * 7) Click Attributes tab.
 * 8) Verify that EmployeeNumber is not listed in the Optional window.
 * 9) Click the Add button.
 * 10) Scroll down the list to EmployeeNumber.
 * 11) Click OK, click Apply, and then click OK to close the Add Attribute dialog box.
 * 12) Scroll to the top of the left window.
 * 13) Right-click the Active Directory Schema object, and then click Reload the Schema on the shortcut menu.
 * 14) Quit the Schema snap-in.

NOTE: There may be a 30-minute delay between the time that you modify the schema and when the changes you have applied become effective.

Additional query words: mms metadirectory zoomit

Keywords: kbprb KB322268

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.