Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

URGNET: Active Directory Schema Snap-in for MMC (basic question)

Posted on 2004-04-19
9
1,345 Views
Last Modified: 2010-04-13
When I click on Active Directory Schema, right click and select permissions, it will not let me change any of the permissions.

I am logged in as an Administrator, and I want to give the administrator group privelages to edit the schema
0
Comment
Question by:jjacksn
  • 3
  • 2
  • 2
  • +1
9 Comments
 
LVL 22

Accepted Solution

by:
Christopher McKay earned 200 total points
ID: 10866202
Hi jjacksn,
You may have to take ownership of it first.
(go into properties, then select Permissions, then select advanced, then take ownership)

Hope this helps!

:o)

Bartender_1
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 10866206
jjacksn
Administrator does not have the rights by default. You need to add yourself to the Schema Admins groups

BE VERY CAREFUL schema changes are one way only on Windows 2000 and potential catastrophic.

Cheers

JamesDS
0
 
LVL 22

Expert Comment

by:Christopher McKay
ID: 10866222
jjacksn,
Sorry, that should be :
go into Properties, then select Security, then select advanced,the click on owner tab, then change the owner to you.

Hope this helps!

:o)

Bartender_1
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 
LVL 10

Expert Comment

by:anupnellip
ID: 10866378
default Administrator r by default in schema admin group . but other administrator whome you create later r not in this group . either add the user you wnat to admin schema to this group or log in as administrator .
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 10866409
anupnellip

Sorry, you're right - to clarify

By default the domain administrator in the Forest root domain is a member of the schema admins group. Administrators created later and original administrators of the child domains are not member of the schema admins group

Cheers

James
0
 
LVL 5

Author Comment

by:jjacksn
ID: 10866459
I am the original Administrator account created when i installed the OS.  I am also the only computer in the Domain/Forrest.  Shouldn't I have rights by default according to what you are saying?
0
 
LVL 5

Author Comment

by:jjacksn
ID: 10866464
Also, when I select persmissions, It says that I can only view the other permissions, not chnage them.  Unfourtunately, I'm in the middle of updating it... so I will get back to you shortly when I can edit things.
0
 
LVL 5

Author Comment

by:jjacksn
ID: 10866583
"By default, all domain controllers permit Read access to the schema. A registry entry must be set on a domain controller to permit Write access to the schema on that domain controller. "
http://www.microsoft.com/windows2000/techinfo/planning/activedirectory/adschemasteps.asp

Do I need to change this?  If so, what is this registry key?
0
 
LVL 10

Assisted Solution

by:anupnellip
anupnellip earned 300 total points
ID: 10866636
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Print Server: NT to 2008 10 590
Registry Error Stop 0X0000051 3 2,826
Closing cmd window after script execution 4 363
testing the trust relationship between two domain 1 88
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Many businesses neglect disaster recovery and treat it as an after-thought. I can tell you first hand that data will be lost, hard drives die, servers will be hacked, and careless (or malicious) employees can ruin your data.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question