Friday, May 6, 2011

Error while trying to access Active Directory - AX 2009 -

Today I was trying to add some users by using the Microsoft Dynamics AX 2009  Active Directory Import Wizard and I got the following error:

Error while trying to access Active Directory

I went into a code (Forms/SysUserADUserImportWizard/searchADUser) and I saw that the Active Directory searcher will break into this line:

searchResultCollection = directorySearcher.FindAll();

This problem happens because some settings on the network domain are required for non-domain administrators to view all users on the domain within the Active Directory Import Wizard in Microsoft Dynamics AX.

Here is one possible workaround to resolve this issue:

1.  Add the domain admin to the list of AX users
2.  Add the newly created AX user account to the Administrator group in AX
3.  Perform the import by using the AX account that has domain administrator permissions

So, I asked the Network Administrator (I added him to AX in the Admin Group) to login to AX 2009 and he was able to run the Active Directory Import Wizard with no problems.

Then we identified that the the AOS instance (service in services) was running under a Network Service Account (This is a development environment), which did not have all the permissions to deal with the Active Directory.

To finally resolved the issue I changed the login method of my service to use the local service instead of the Network Service.

Above we can see the final optimal outcome.

No comments:

Post a Comment

Thank you for your thoughts. Your comment will appear in my blog shortly after review.

Have a great day!