Thursday, July 26, 2007

Can't Delete Person from NAB? (SnTT)

So, after upgrading a server from 5.0.2b to 7.0.2FP2 this week (the clients were 4.6.7!), I did a lot of cleanup and added the LocalDomainAdmins group. I know for a fact that at one point I renamed in ACLs the old admin groups as well. I was also able yesterday to delete a good many old accounts.

Well today we were unable to delete accounts. So I did the usual ACL checks on the NAB and even explicitly added my account. Everything was cool, but I got an error that I wasn't authorized to perform the operation (clicking the "Delete Person" button).

No errors in log. Nothing on the console. Nothing in DDM. Nothing but an error. So I go into Full Access Administration. Nothing. So then I decided to check Admin4.nsf ACL. Sure enough, LocalDomainAdmins was NOT in there! I know it was because I was looking through catalog.nsf verifying things yesterday.

But, I was then able to delete an account. And I also added LocalDomainAdmins to every db....

Now Playing: "Insanity" by Firewind


No comments: