RE: [ActiveDir] Exchange issues again(ot)

[joe]

I would bet along those lines as well. I have seen multiple similar cases in Exchange where the Schema rights were needed, I think ADC comes to mind right off as I seem to recall getting into a rather pissy mood one day when I had to give Exchange admins Schema Admin rights to install another ADC instance.   If it were simply a case of I need to look that is fine, you don't need schema admin for that. The fact that they say, I need to look, and you need to be a schema admin in the off chance that I need to update something is crap and in my opinion poor design though if I were the designer I would rather it be called a bug.   This whole thing gets back to assumptions made in that system. More times than not I am usually trying to figure out why in the world the assumptions are what they are. It sometimes makes me think that they polled the customers by going into three local mom and pop stores and asked them how they configured their Exchange systems.     From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael B. Smith Sent: Friday, August 26, 2005 4:50 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Exchange issues again(ot) I've asked "Those Who Should Know". If they deign to respond, I'll let you know. :-)   If I were a betting man (and I usually am, but not on this), I would bet that Exchange setup connects specifically to the schema master role holder in order to verify that the schema has been updated with forestprep. It would choose the schema master in order to avoid the potential replication delays that could be associated with consulting the "local DC" (that is, that the changes may not have replicated from the schema master to the local DC).   While it's arguable that it should check the local DC first, and if it doesn't find it there, then check the schema master -- I could see some developer saying "screw that".   That's my best guess. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom Sent: Friday, August 26, 2005 3:45 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Exchange issues again(ot) I have no rights nor connectivity.   I ran adsiedit.msc as localsystem on a child dc and changed the fSMORoleHolder attrib on the schema NC to point to the child dc i do have connectivity to and it worked.   Mind you- THIS IS A TEST FOREST. I WOULD NEVER DO THIS IN PRODUCTION.   still, i'd like to know why setup needs to write to the schema AFTER exchange has already been installed and set up and you have an org and exchange servers running. Does it do this everytime you set up a new exchange server? what is it writing? I'd love to know.   Thanks alot! -----Original Message----- From: Douglas M. Long [mailto:[EMAIL PROTECTED] Sent: Fri 8/26/2005 3:25 PM To: ActiveDir@mail.activedir.org Cc: Subject: RE: [ActiveDir] Exchange issues again(ot)