Resolution
fact
Directory and Resource Administrator 6.x
fact
Directory and Resource Administrator 7.x
symptom
Error occurs when creating a computer account whose name matches the naming convention set in the policy.
symptom
Assistant Admins creating computer accounts receive an error when attempting to create computer accounts that match the criteria configured in the policy.
symptom
Error: 'Unable to perform this operation due to company policy.'
cause
The above error message may occur if the policy created is a Naming Convention policy or a validation policy, created to ensure that the SAMAccountName field is in a particular format.
fix
To resolve this issue, modify the validation policy created to validate a computer account's SAMAccountName field by performing the following steps:
note
The dollar sign ($) sign is automatically appended to the computer account's SAMAccountName field by the operating system. The Assistant Admins do not have to add the dollar sign ($) when creating the computer account, and will only be able to create a computer account whose SAMAccountName field matches
Directory and Resource Administrator 6.x
fact
Directory and Resource Administrator 7.x
symptom
Error occurs when creating a computer account whose name matches the naming convention set in the policy.
symptom
Assistant Admins creating computer accounts receive an error when attempting to create computer accounts that match the criteria configured in the policy.
symptom
Error: 'Unable to perform this operation due to company policy.'
cause
The above error message may occur if the policy created is a Naming Convention policy or a validation policy, created to ensure that the SAMAccountName field is in a particular format.
fix
To resolve this issue, modify the validation policy created to validate a computer account's SAMAccountName field by performing the following steps:
- Launch the Delegation and Configuration Management console.
- Select the Policy node under Policy and Automation Management.
- Select the validation policy created.
- Right-click and select Properties.
- Select the Value tab.
- In the Property format mask field, add a dollar sign ($) at the end of the criteria you specified (e.g. if the value in the Property format mask field is set to
A*HOU, it must be changed toA*HOU$). - Click OK.
note
The dollar sign ($) sign is automatically appended to the computer account's SAMAccountName field by the operating system. The Assistant Admins do not have to add the dollar sign ($) when creating the computer account, and will only be able to create a computer account whose SAMAccountName field matches
A*HOU.Additional Information
Formerly known as NETIQKB37849