-2147024891 Active Directory General access denied error

Posted on 2004-11-07
Last Modified: 2008-02-01
I have an activex script that performs 3 functions - 1) creates accounts within active directory, 2) updates expiry dates for some accounts, 3) modifies the groups that a user is part of. The script runs within SQL Server and connects to a database in order to determine what accounts to create or modify. The script runs on one server and creates / modifies accounts on a second server.

When I am logged into the first server and run the script, then the script works perfectly. However, when I schedule the script to run from a job (and am therefore not logged in) my script generates the error '-2147024891 Active Directory General access denied error' when it tries to create new accounts or update the expiry dates of existing accounts. It does not however seem to have any problems adding users to groups or creating new groups.

I am guessing that this problem is permissions based??? Does anyone have any suggestions as to what permissions my user needs to have in order to create and update accounts? Is it something that needs to be set within group policy?

Any suggestions would be appreciated!
Question by:tyea

    Author Comment

    Okay..... for anyone who is interested.....

    It turns out that regardless of the user that I had set against the job in SQL Server, in this situation it was running under the account that the SQL Server Agent service was started under. The service was started under the local system account and that was the problem..... I changed the service to run under srvadmin and now all is good!

    Accepted Solution

    PAQed with points refunded (50)

    Community Support Moderator

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Better Security Awareness With Threat Intelligence

    See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

    NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
    I've been asked to discuss some of the UX activities that I'm using with my team. Here I will share some details about how we approach UX projects.
    This video discusses moving either the default database or any database to a new volume.
    Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now