Not seeing all domains in permissions

Hi,

I have two similar servers setup. They are both Mediabin 4.5.3, windows server 2k3, with a windows server 2k3 active directory server running the domain.

On server A, when I go to edit the permissions of a folder, I can choose * from the menu on the left to see local accounts, or I can choose any of the 10 domains it knows about... if I pick a domain, I will be able to search and give permissions to a user from that domain.

On server B, when I go to edit the permissions of an item, my only choice is *. I cannot access any of the other domains.. including the domain the server is joined to, or the domain I am logged in to on the machine. I can log into mediabin as a member of the domain, but still don't see it as a choice anywhere.

What do I have to change, to make it show me the choices of the rest of the domain?

Thanks

Find more posts tagged with

Comments

kg_brian

Argh I found a patch to fix this.. but it still doesn't work. I think its because server B is on win2k3 SP2, which is not supported for mediabin 4.5.3. After the patch, the drop down now shows * and LDAP... but LDAP is not enabled for the server, so very odd...

lyman

There should not be a problem with the configuration you describe and so I suspect something else is going on. Please open a case with support. It is hard to generalize about configuration issues especially as it concerns network setup!

Cheers,

Lyman Hurd

kg_brian

After searching devnet some more I finally figured it out.

The problem was, my mediabin service was running as a local admin. Changing it to run as a domain admin magically fixed all my problems. Really weird solution, but it worked...

Thanks,

lyman

Actually local admin should be fine. I do not want people to think we require domain admin credentials...we do not. But there may be something more subtle in your network configuration that prevented your service account from seeing the domains.

Cheers,

Lyman Hurd

Migrateduser

Perhaps the confusion is with the description between a local and domain account rather than its privileges. MediaBin does not require its service account to have domain admin permissions but rather requires the account to be a domain account with administrative privileges on the MediaBin server machine. While that account can be considered a local admin, the distinction should be the fact that the account is listed as a member of the domain, not a user local to only the MediaBin server machine.

kg_brian

Yes sorry about not being clear.

The way I made it work is with a domain admin (the actual windows group domain administrators), but it sounds like the same thing will work with a domainwide adminsitrator (the windows group administrator) but set up in active directory instead of on the local machine.