So, after upgrading a server from 5.0.2b to 7.0.2FP2 this week (the clients were 4.6.7!), I did a lot of cleanup and added the LocalDomainAdmins group. I know for a fact that at one point I renamed in ACLs the old admin groups as well. I was also able yesterday to delete a good many old accounts.
Well today we were unable to delete accounts. So I did the usual ACL checks on the NAB and even explicitly added my account. Everything was cool, but I got an error that I wasn't authorized to perform the operation (clicking the "Delete Person" button).
No errors in log. Nothing on the console. Nothing in DDM. Nothing but an error. So I go into Full Access Administration. Nothing. So then I decided to check Admin4.nsf ACL. Sure enough, LocalDomainAdmins was NOT in there! I know it was because I was looking through catalog.nsf verifying things yesterday.
But, I was then able to delete an account. And I also added LocalDomainAdmins to every db....
Now Playing: "Insanity" by Firewind
Technorati: Show-n-tell thursday
No comments:
Post a Comment