Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
756
Views
0
Helpful
8
Replies

Unity 5 "Deleted Objects" AD permission

sposte
Level 1
Level 1

‎02-12-2008 09:28 PM - edited ‎03-18-2019 08:27 PM

Hi,

I installed Unity5 in a child domain. When running the permissions wizard it applied 2 permissions to the Deleted Objects OU (hidden in AD) at the child domain level, but showed a failure when it attempted to apply the same permissions to the parent domain Deleted Objects.

This makes sense since our install account only had local domain admin rights.

Does this permission matter since we are only dealing with objects in the child domain and no other Unity servers or users exist in other parts of AD?

All other permissions went ok and server is operational with no errors. Unity is importing AD accounts only and has no AD admin rights

Thanks,

Scott

Labels:
0 Helpful
8 Replies 8

Ginger Dillon
VIP Alumni
VIP Alumni

‎02-13-2008 09:13 AM

Hi Scott -

The unitydirsvc account is given "Read properties" and "List contents" permissions for the Deleted Objects OU - Applied onto child objects in every domain that contains Cisco Unity subscribers or groups. I have had a similar experience with running the permissions wizard and the only failure was the ability to set permissions on the Deleted Objects OU. We also only import AD accounts into Unity and this has not impacted our users or Unity application.

Ginger

0 Helpful

sposte
Level 1
Level 1
In response to Ginger Dillon

‎02-13-2008 09:25 AM

Thanks Ginger,

0 Helpful

ranpierce
Level 6
Level 6
In response to sposte

‎02-13-2008 10:46 AM

I too have had this error. Same thing as Ginger no impact on subscibers or accounts.

I think the reason is that PW had been run succussfully before. I also think that PW only gives and not takes away permissions. With that said, even though it had failed it still had the permissions from a successful run before. Just an idea of mine. :-)

0 Helpful

jimmy-dotson
Level 1
Level 1

‎02-24-2008 07:39 PM

Scott,

What version of PW did you use? We're having the same issues with PW version 2.2.0.39 from ciscounitytools.com, but we don't show any issues with our Parent Site running PW 2.2.0.36 (shipped on media).

We're going to run the upgrade again tomorrow in the Lab to see what happens (more or less to verify the above once more).

thx,

Jimmy

0 Helpful

sposte
Level 1
Level 1
In response to jimmy-dotson

‎02-25-2008 05:44 AM

I ran the PW from the Unity 5.0 DVD.

It was run in the child domain under a child domain Admin account, therefore permissions in the Parent domain could not be applied.

0 Helpful

jimmy-dotson
Level 1
Level 1
In response to sposte

‎02-25-2008 06:33 AM

Scott,

Thx for the prompt reply... Much to my dismay (we thought the .36 on the media was clean) we have the same issue with both versions (.36 and .39).

What did TAC say? just curious...

thx,

Jimmy

0 Helpful

sposte
Level 1
Level 1
In response to jimmy-dotson

‎02-25-2008 06:50 AM

I opened a Partner Helpdesk ticket. They said that the permission for the Deleted Objects in the Parent Domain is only necessary if you are creating Unity users or objects in the Parent.

In our case Unity is only installed in the child domain so it's not needed. Otherwise you would run PW wizard under a Parent domain Admin account.

0 Helpful

jimmy-dotson
Level 1
Level 1
In response to sposte

‎02-25-2008 07:48 AM

Excellent info.

Scott, any idea of the Case number? It sure would be good if we could steer our TAC engineer to some info that might help them understand what we are saying to them...

This is great news!!

thx!

Jimmy

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents