Hello all,
I have 2 domains MyParent.com and MyChild.MyParent.com (parent child relationship).
I have a user 'MyParent\ad_service'. I have made it as part of 'Accounts Operator' group in parent domain. I can create and manager users in parent domain. No issues.
I want to create users in child domain using 'MyParent\ad_service' credentials. For this I tried below but nothing worked :( :-
- Added 'MyParent\ad_service' to 'Accounts Operator' group of child domain
- Added 'MyParent\ad_service' to 'Administrators' group
- Gave 'Full Control' delegated access to child domain (main container) it self.
- Gave 'Full Control' delegated access to child domain OU in which I want to create child user
- Also added 'MyParent\ad_service' to enterprise admins group.
Still no luck :(
I always get "A referral was returned from the server."
I I use 'MyParent\administrator' (built in admin account), then creation succeeds, i..e user gets created in child domain.
I am using ADSI with a c# client.
Please help!
/M