the attribute cannot be modified because its owned by the system

finally i have found how to modify a setting, but after doing this in ADSIEDIT, the message shows up:

"the attribute cannot be modified because its owned by the system"

what could be here the reason now?
boxexpertAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

sekhar_kiitCommented:
Hi,

You need to add a registry entry on the server, which is as follows:

In HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTDS\Parameters, create the following value:
Value name: Allow System Only Change
Data type: REG_DWORD
Value data: 1
Then close the registry and now you should be able to modify through ADSIEDIT.

Regards,
Sekhar
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
boxexpertAuthor Commented:
i want to modify this on our FE server, our OWA. di have to set that key locally or on the exchange server as well?
0
boxexpertAuthor Commented:
are you sure about the correct path in the registry? i cannot find NTDS in services...
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

engeltjeCommented:
This method I found on the Internet, regarding yur problem.
Hope this helps.


Login as a member of Schema Admins (preferably on the Schema Master FSMO)

Launch LDP.EXE

Connect to the Schema Master FSMO using LDP.EXE

Bind to the Schema Master using an account with Schema Admin permissions.

From the Browse menu, choose Modify

In the Modify dialog box, leave the DN field blank, and type schemaUpgradeInProgress in the Attribute field. In the Value field, enter the number 1. Click the Enter button, then click the Run button.

Close the Modify dialog box.

Launch ADSIEDIT.MSC and modify the mAPIID values for the necessary attributes. (You may need to wait for the Active Directory to replicate.)

Run LDP again, and change the value of schemaUpgradeInProgress from 1 to 0.

From the Active Directory Schema console, right click on the console and choose "Reload the Schema"
0
sekhar_kiitCommented:
Hi,
Sorry, there was a typo omit. The setting should be changed on your DC most preferably on your schema master.

Regards,
Sekhar
0
boxexpertAuthor Commented:
ill check quick if it works. really curious...
0
boxexpertAuthor Commented:
not working. i rebootet teh schema master DC,but still cannot modify that setting
0
boxexpertAuthor Commented:
very frustrating,it still damn doesnt work...i cannot edit that setting
0
thief1968Commented:
engeltje's suggestion works 100% perfect. Thanks Mate!!
0
forwarditDirectorCommented:
This worked Great for us, adding the regkey and than adding the LDP command in resolved our 2003 > 2008 R2 Migration issues.

Thankyou engeltje
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.