ADAM for Dynamics GP Web Services
Tuesday, May 12th, 2009A Few days ago, I tried to install Dynamics GP web services. I thought that all of the prerequisites were satisfied (OS, ISO, IIS, ASP, etc) but when installation started I got an error:
ADAM Error – Error Code: 20038.The wizard could not access the registry. Error code: 0x800706fd. The trust relationship between this workstation and the primary domain failed.
I found some info on Internet that one person noticed that this error occurs when installation is run on computer which is joined to a domain. That was all…
What I did next was assign the computer on WORKGROUP and log in as local admin. After starting installation everything was just great. Installation was finished successfully!
Then I went back to WS Install Admin Guide and found interesting content about ADAM.
ADAM or Active Directory Application Mode is required by the Dynamics Security Service. In order to install Dynamics GP Web Services, the current user must be in ADAM administrator role. The user who installed Windows Server 2003 (in my case local admin) automatically is in this role. But if we want to enable some other users to install, update or modify GP Web services we should add them in this role.
Note: ADAM is related to Windows Server 2003 and ADMSL (Active Directory Lightweight Directory Services) is related to Windows Server 2008 and we have same situation for both.
For more details see Appendix A: ADAM or ADLDS Administrators in WS Install Admin Guide. You can find it here.
In short notes, to add new user in ADAM Administrator Role, follow next steps:
- You must we logged as ADAM administrator.
- Open All Programs->ADAM.
- Create connection: Action-> Connect To and define connection string to server onto which GP Web services were installed. If the Web Services for Microsoft Dynamics GP installer has installed ADAM or the ADLDS instance, it will use the default port 389. If you’ve used a different port, specify that port value. Choose Configuration as the well-known naming context.
- Click OK to connect.
- Find ADAM installation and expand tree to find CN=Roles node.
- In the list of roles, select Administrators. Choose Properties from the Action menu to display the properties for the Administrators role.
- In the list of attributes for the Administrators role, locate and select “member”. Click Edit. The Multi-valued Distinguished Name with Security Principal Editor window will be displayed.
- Click Add Windows Account to specify the user to add as an administrator.
- Click OK to save your changes.
- Click OK to close the Administrator role properties window and close ADSI Editor.