Following the addition of new Active Directory attributes or a Windows Functional Level update, the new Active Directory attributes are not present in Active Roles.
CAUSE 1
The Active Roles Administration Service has not been restarted since the Active Directory schema update.
CAUSE 2
Active Roles manages multiple Active Directory domains, and the Active Roles Consolidated Schema is being populated with the schema from a domain that has not been modified.
This can be identified by tracking Event ID 2505 in the Event Viewer logs on the Active Roles Administration Service host. These events will note all schema conflicts as well as the "winning" domain.
RESOLUTION 1
Active Roles only loads the Active Directory schema when the Active Roles Administration Service starts. In most cases, a service restart should detect and load any Active Directory schema changes.
If changes are still not present following a service restart, clear the Active Roles ADSI Schema Cache as per Solution 1 from this resource.
RESOLUTION 2
If at all possible, make the same schema change in all Active Directory domains. Otherwise, an error will be encountered in Active Roles when attempting to update a native attribute using values which are not applicable for the target domain.
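To see which managed domains actually differ before applying Resolution 2, the schema attribute definitions can be compared directly. The following is an added example, not One Identity's code: it assumes the ActiveDirectory (RSAT) PowerShell module is installed, the domain names are placeholders, and `Get-SchemaAttributeMap` is a hypothetical helper name.

```powershell
# Added example: report attributeSchema differences between managed domains.
# Assumes the ActiveDirectory (RSAT) module; domain names are placeholders.
Import-Module ActiveDirectory

$Domains = @('corp.example.com', 'partner.example.net')   # placeholders

function Get-SchemaAttributeMap {
    # Returns a hashtable: lDAPDisplayName -> compact definition string.
    param([Parameter(Mandatory)][string]$Server)

    $schemaNC = (Get-ADRootDSE -Server $Server).schemaNamingContext
    $props    = 'lDAPDisplayName', 'attributeSyntax', 'oMSyntax',
                'isSingleValued', 'rangeLower', 'rangeUpper'
    $map = @{}
    Get-ADObject -Server $Server -SearchBase $schemaNC `
        -LDAPFilter '(objectClass=attributeSchema)' -Properties $props |
        ForEach-Object {
            $map[$_.lDAPDisplayName] = '{0}|{1}|{2}|{3}|{4}' -f `
                $_.attributeSyntax, $_.oMSyntax, $_.isSingleValued,
                $_.rangeLower, $_.rangeUpper
        }
    return $map
}

# Load the schema from every managed domain.
$schemas = @{}
foreach ($d in $Domains) { $schemas[$d] = Get-SchemaAttributeMap -Server $d }

# Union of all attribute names seen in any domain.
$allNames = $schemas.Values | ForEach-Object { $_.Keys } | Sort-Object -Unique

# Keep only attributes that are missing somewhere or defined differently.
$report = foreach ($name in $allNames) {
    $defs = foreach ($d in $Domains) {
        if ($schemas[$d].ContainsKey($name)) { $schemas[$d][$name] } else { '<missing>' }
    }
    if (@($defs | Select-Object -Unique).Count -gt 1) {
        $row = [ordered]@{ Attribute = $name }
        for ($i = 0; $i -lt $Domains.Count; $i++) { $row[$Domains[$i]] = $defs[$i] }
        [pscustomobject]$row
    }
}

$report | Format-Table -AutoSize
```

Each row is an attribute that one domain lacks or defines differently (syntax, single-valued flag, or range limits), which are the candidates for the schema conflicts reported by Event ID 2505.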