On 13/10/04 10:59 pm, Barrett, John <[EMAIL PROTECTED]> wrote: > I've written a script (below) that runs on a Unix server and modifies AD > attributes. It works fine if the user I'm binding as is given Domain Admin > privileges. The AD admins don't want to give me that much power (and I really > don't want it) but when they back the privileges off to what they think should > work I get "insufficient access" errors: > > update error: 00002098: SecErr: DSID-03150646, problem 4003 > (INSUFF_ACCESS_RIGHTS), data 0 > > The only thing that seems to work is Domain Admin. The AD admins claim that I > am not "presenting the security context correctly." I'm using simple bind. > Is there anything I can do differently? Would SASL help?
Possibly. Using SSL might help too. Cheers, Chris
