Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Directory Management Service "error: Access denied"

Status
Not open for further replies.
SecureNetworx

SecureNetworx

Technical User
Jun 3, 2005
10
0
0
US
We get this error when we attempt to create a Distribution Group using the Create New Site dialog.

"The group operation succeeded, but the distribution group could not be updated because of the following error: The Directory Management Service reported the following error: Access denied."

Any help would be greatly appreciated.
 
Sort by date Sort by votes
Hi,

Sounds like a permissions issue. Have you checked so that the account that handles these things in SharePoint have appropriate access in your AD (or other Directory Service)?
The actual group and users are not created in SharePoint (as far as I know) so most likely you need to look into the permissions on your Directory Service and the specific container where you are creating the Distribution group.

Cheers,
Thomas




 
Upvote 0 Downvote
hey did you ever figure out what permission needed to be set
 
Upvote 0 Downvote
While I have Sharepoint Services creating the Distribution Groups in Active Directory I haven't had time to fine tune my solution to put the issue to rest. That being said I'll give you what I have as a working solution at this time.

First, add the Sharepoint application pool account as a local Administrator on the machine(s) hosting the front-end of your Sharepoint Site (this is the part where I haven't had the time to research the minimum permissions required for the solution to work).

Secondly, assuming a SQL Server back-end you'll need to give Execute permission (so the app pool can execute stored procedures) to the Sharepoint application pool account at the Schema Level for the Sharepoint_Config database.

Third, the permissions for the OU need to be extended by giving Read and Write permissions to the SQL Database account that you passed to Sharepoint when you initialized the farm.

Let me know if you need any further clarification.
 
Upvote 0 Downvote
I did everything you suggested above, for both my Central Admin account and my site app pool account, plus setting up a SMTP connector (which I'm not sure I needed).

Nothing is being created in the OU on the domain controller, even though both SharePoint accounts are enabled to create/manage users.

I am not getting anything in the WSS 3.0 server in its error logs etc., nor in the ADUC/DC server.

Thank you, Tom

 
Upvote 0 Downvote
I don't believe anything relative to an SMTP connector is required to configure distribution groups; one item I would like to clarify is that since you're not getting any errors that a review of Sharepoint Services Central Administration/Distribution Groups shows no pending entries?
 
Upvote 0 Downvote
I needed a SMTP connector to get the docs sent to the SharePoint server, and one has to set the SharePoint service account to local admin to get things working with incoming mail. This is what worked for me.

Thanks, Tom
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

BTrees
  • Locked
  • Question
SharePoint Online-Reading/Access Lists-Using SSIS -OData Connection- Error 401 Unauthorized
Replies
0
Views
138
BTrees
BTrees
ncotton
  • Locked
  • Question
Access Request Email Notification not being sent
Replies
1
Views
128
kjv1611
kjv1611
Pack10
  • Locked
  • Question
basic Access - SharePoint questions
Replies
1
Views
54
dhookom
dhookom
Niebotel
  • Locked
  • Question
ACCESS frontend en Sharepoint backend
Replies
0
Views
38
Niebotel
Niebotel
Pack10
  • Locked
  • Question
Getting error msg.....an error occurred querying the data source
Replies
1
Views
71
philhege
philhege

Part and Inventory Search

Sponsor

Back
Top