Microsoft KB Archive/269195

= Active Directory Management Agent Does Not Allow Distinguished Name Logon Credentials =

Article ID: 269195

Article Last Modified on 11/1/2006

-

APPLIES TO


 * Microsoft Metadirectory Services 2.2 Service Pack 1

-



This article was previously published under Q269195



SYMPTOMS
If the Management Agent (MA) logon information used to connect to Active Directory is specified as a distinguished name (DN), the MA cannot locate Active Directory. The operator's log may contain an error message similar to the following:

ERR_00 0590 00/07/20 14:54:10.202 (AD-MA_doSchemaDiscovery) Couldn't bind to bpdomain.local: LDAP error 49, Invalid Credentials.



CAUSE
This behavior occurs because the MA requires the user's credentials to be set up either as a user principal name, for example, user@domain.com, or in down-level domain format, for example, domain\user.



RESOLUTION
To resolve this behavior, you must set up the user's credentials either as a user principal name, or in down-level domain format.



STATUS
This behavior is by design.

Additional query words: metadirectory, via, zoomit, adma

Keywords: kbprb KB269195

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.