Active Directory Integration Issues

[unstable]

Greetings, so far a great product, I can't roll it out yet as I want the authentication to be based on our users AD credentials. I am stuck at adding the Active Directory Schema extensions. I have used my AD user (w/Enterprise Admin and Schema Admin Priveleges) and the Directory's Administrator user (w/same priveleges) and am getting the following:

C:\>"C:\Program Files\Scalix\Administration\ScalixForestPrep.exe" --install
Scalix Forest Prep 11.0.3.1
Copyright (c) 2006, Scalix Corporation
Schema will be updated with the Scalix extensions.
Error creating the scalixScalixObject attribute
Error code: 8007200e

I've done a google search on the Error Code, as it doesn't seem like anyone else here has had the issue and the only thing I can find is that it relates to a Windows LDAP message of: LDAP_BUSY ERROR_DS_BUSY", "Server is busy." I have tried just about everything.

I am running a single Domain Controller, Windows Server 2003 Standard w/SP1, Dual 3Ghz., and 2GB RAM. Please Help!

[unstable]

Okay, hopefully this will help someone else if they ever have any problems. My DC's replication partner died a while back (read: 1 year) and so I've had one DC since. Before doing any of this, I backed up the server and made a manual copy of the NTDS folder.

I started going through the event logs and noticed that there were a bunch of NTFRS warnings in the File Replication Service event. I looked under Sites and Services and found that the old DC was still listed there. I removed it and re-ran the Schema update utility and it worked. Dunno why it was an issue unless the domain thought it was the Schema master. Anyways, hope this helps.

[unstable]

According to the SSO AD Instructions provided, the step to create the kerberos keytab is:

ktpass –princ scalix-ual/scalixservername.domain@REALM –mapuser scalix-ual -pass password –out path\filename -kvno 3

For example: ktpass -princ scalix-ual/scalixserver.acme.net@ACME.NET -mapuser scalix-ual -pass password -out scalix-ual.keytab -kvno 3

I had issues creating a keytab and the resulting error was:

ktpass -princ scalix-ual/cc-mail01-srv.imamed.local@IMAMED -mapuser scalix-ual -pass ****** -out scalix-ual.keytab -kvno 3
DsCrackNames returned 0x2 in the name entry for scalix-ual.
ktpass:failed getting target domain for specified user.

Basically ktpass couldn't find the user in the directory, I got around this by specifying the user and domain, ie.. domain\domain.user. I hope this helps someone, as I was stuck on this for a bit.

In reference to my example above, try:

ktpass -princ scalix-ual/cc-mail01-srv.imamed.local@IMAMED -mapuser imamed\scalix-ual -pass ****** -out scalix-ual.keytab -kvno 3