Microsoft KB Archive/243816

= PMADMIN Adds ACEs to Existing ACLs During Broker Connection to LDAP Server =

Article ID: 243816

Article Last Modified on 12/5/1999

-

APPLIES TO


 * Microsoft Site Server 3.0 Standard Edition

-



This article was previously published under Q243816



SYMPTOMS
When you use the Pmadmin.vbs script to connect an Active User Object (AUO) instance to an existing LDAP instance, duplicate Access Control Entries (ACEs) may be added to the object's Access Control Lists (ACLs).

ACEs should only be added during the creation of the LDAP database; subsequently connecting a broker to an existing LDAP instance should NOT add additional ACEs.

NOTE: AUO instance is also referred to as broker. This problem only occurs when the Pmadmin.vbs script is used to connect a broker to an LDAP instance, and not when this task is accomplished through the MMC.



RESOLUTION
To resolve this problem, obtain the latest service pack for Site Server 3.0. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

219292 How to Obtain the Latest Site Server 3.0 Service Pack



WORKAROUND
To work around this problem, use the MMC instead of the Pmadmin.vbs script to connect a broker to an existing LDAP instance.



STATUS
Microsoft has confirmed that this is a problem in Microsoft Site Server version 3.0.

Additional query words: ss3 iis 4.0 Pmadmin.vbs Pmadmin security hack

Keywords: kbbug kbfix kbsiteserv300sp3fix KB243816

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.