Greetings,
So we currently run a 2 dc architecture. We have a handful of personnel with domain admin rights and about 3 dozen more setup with helpdesk rights. The helpdesk personnel are in the account operators buitin group and also the remote desktop users group. When the help desk personnel attempt to open up active directory Users and Computers, they receive this error:
The Directory schema is not accessible because: no more to be obatained by the search result. For this reason, the New menu may be inaccurate, and extension snap-ins may not work properly.
Our Domain Controllers are Windows 2008 R2. All our workstations are Windows 7 64 bit. The helpdesk personnel receive this error if they use the remote server admin tools, and when they log in remotely to the server. I also had a help desk person log on to the server directly, and they still receive the same error. the only time they do not receive the error is if they have domain admin rights, which we do not want to hand out. Has anyone seen this issue before?
I've scoured the internets and have only found one scenario of this error happening and it occurs when you have the 2008 remote admin tools installed on xp workstations. Like I stated above, we have no XP machines to have this error. We run Windows 7 on our workstations.
Any info and help on this matter would be greatly appreciated.