How do I disable the $NameUniquenessPolicy in Directory and Resource Administrator so that it does n (NETIQKB19174)

  • 7719174
  • 02-Feb-2007
  • 19-Jun-2007

Resolution

goal
How do I disable the $NameUniquenessPolicy in Directory and Resource Administrator so that it does not apply for Groups and only applies for Users?

goal
Can the $NameUniquenessPolicy be configured to apply only to User objects?

fact
Directory and Resource Administrator 6.x

fact
Directory and Resource Administrator 7.x

fix

When enabled in Directory and Resource Administrator (DRA), the $NameUniquenessPolicy ensures that the sAMAccountName property for an object is unique across all managed domains.  The policy applies to User and Group objects.  In order to configure the policy to apply to all objects except Groups the following steps can be performed on the DRA server:

  1. Launch RegEdit.
  2. Select the HKEY_LOCAL_MACHINE\SOFTWARE\Mission Critical Software\OnePoint\Administration\Data\Modules\Policy\Scope\$PolicyScope<$NameUniquenessPolicy>\Rules key.
  3. Delete the following keys:
    • $OpRule<GroupCopy>
    • $OpRule<GroupCreate>
    • $OpRule<GroupRename>
    • $OpRule<GroupSetInfo>
  4. Restart the MCSOnePoint Administration Server (NetIQ Administration Server) service.
  5. Synchronize the Multi-Master Set.


note
The above information is provided as is and is not supported.  Before providing this information to a customer, please make sure that they know that this has not been QA tested and thus is not supported.

Additional Information

Formerly known as NETIQKB19174