Archived Content: This information is no longer maintained and is provided 'as is' for your convenience.
Customer has Microsoft ADS environment and extended the schema for SecureLogin. They then wanted to assign the rights using ADSSchema.Exe so users could run SecureLogin.
Their user objects exists in an OU called London they created (standard User objects don‚Äôt reside in the built in ‚ÄúUsers‚ÄĚ container).
They ran ADSSchema.Exe and entered the name of the container as
The following message appears and the rights aren‚Äôt assigned.
Error opening specified object ‚Äď2147016656
This will occur if you are assigning rights to ADS containers other than the built in ‚ÄúUsers‚ÄĚ container and use CN when entering the path to the desired container. You don‚Äôt use CN=, you use OU= as per the information below.
This also occurs if there is a spelling or syntax error in the customer mistyped the name. In the example below, the letter ‚Äúa‚ÄĚ is missing in ‚Äúcompany‚ÄĚ and there is a comma missing between ‚Äúcompny‚ÄĚ and ‚Äúcom‚ÄĚ, so the same error would occur.
- Check the syntax is correct and the CN (or OU) and DC‚Äôs are correct.
- If assigning rights to OU‚Äôs that are not the built in ""Users"" container, use the following syntax (instead of CN=, use OU=)
- If assigning rights to the built in Users container, user the following syntax (instead of OU=, use CN=)
- Check the specified container exists.
- Check your spelling.
- Check your rights to modify the schema.
- Check the domain name (open Active Directory Users and Computers and check you have all instances of dc= in the path)
In a future version of SecureLogin, a browse button will appear so the SSO administrator can simply point and click to select the container to assign the rights to.