I cannot create a user account in a particular OU. (NETIQKB51804)

  • Document ID:7751804
  • Creation Date:02-Feb-2007
  • Modified Date:19-Jun-2007
    • Micro Focus Products:
      Directory and Resource Administrator

Resolution

fact
Directory and Resource Administrator 6.x

fact
Directory and Resource Administrator 7.x

symptom
I cannot create a user account in a particular OU.

symptom
Error: 'You do not have the power to create the User NewUserName in the container OUName.'

symptom
An Assistant Admin is unable to create a user account in a specified organizational unit.

cause

A target container for create operations has not been defined in the ActiveView, and/or the AA does not have Create power over the container selected for the create operation.



fix

To resolve this issue, you should define a target container for create operations and/or delegate power to create objects in the container to the Assistant Admin:

  1. Open the Delegation and Configuration Console.

  2. Expand Directory and Resource Administrator > Delegation Management > ActiveViews.

  3. To define a target container for create operations:
    1. Right-click the relevant ActiveView and select Properties.
    2. Click the Rules tab.
    3. Click Add > Target containers for create operations.
    4. Select the container with which you wish to associate create operations for this ActiveView and click Add.
    5. Click OK, and then click OK again.

  4. To delegate power to create objects in a container to the AA:
    1. Right-click the relevant ActiveView and select Properties.
    2. Click the Assignments tab.
    3. Select the Assistant Admin to whom you wish to delegate the right to create objects.
    4. Click Add > Delegate more powers to AAName.
    5. Click Add > Roles.
    6. Type Create and Delete User Accounts in the contains field and click Find Now.
    7. Select Create and Delete User Accounts in the Results list and click Add, then OK.
    8. Click Next.
    9. Click Finish and then click OK in the ActiveView Properties window.


note

If OU1 has been defined as the target container for create operations in the ActiveView and the AA is assigned to two OUs but with permission to create user only in OU1, any user accounts the AA attempts to create in OU2 will be created in OU1 by default. In this case, the error message will not display.



Additional Information

Formerly known as NETIQKB51804