DetailPage-MSS-KB

Microsoft small business knowledge base

Article ID: 293405 - Last Review: November 2, 2013 - Revision: 5.0

Hotfix Download Available
View and request hotfix downloads
 
This article was previously published under Q293405
This article has been archived. It is offered "as is" and will no longer be updated.
Notice
This article contains a reference to the MDSS utility, which is a utility that Microsoft Support provides as-is and does not support. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of the MDSS utility.
IMPORTANT: This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:
256986  (http://support.microsoft.com/kb/256986/EN-US/ ) Description of the Microsoft Windows Registry

Symptoms

The Microsoft Directory Synchronization Services tool (MSDSS) may not migrate group membership when synchronizations are run. MSDSS migrates only members of "Security Equal To Me" by default.

Cause

This issue occurs because "Security Equal To Me" is the closest equivalent to how groups are used by Active Directory.

Resolution

A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem.

If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, submit a request to Microsoft Customer Service and Support to obtain the hotfix.

Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site:
http://support.microsoft.com/contactus/?ws=support (http://support.microsoft.com/contactus/?ws=support)
Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language. The English version of this fix should have the following file attributes or later:
   Date        Time   Size     File name   
   ----------------------------------------
   04/18/2001  18:30  40.2 KB  Ndsread.dll 
   04/18/2001  18:32  88.2 KB  Ndswrite.dll
				

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.

More information

WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

After you install the hotfix, the following DWORD registry value is checked to determine if NDS "Members" should be used instead of NDS "Security Equivalent To Me" for group memberships:
HKLM\System\CurrentControlSet\Services\MSDSS\Parameters\UseMemberAttribute
It the data value is set to 1, MSDSS uses the member attribute. If the data value is set to 0 or -1 (or does not exist), MSDSS uses the "Security Equivalent To Me" attribute.

Applies to
  • Microsoft Windows 2000 Server
Keywords: 
kbnosurvey kbarchive kbautohotfix kbhotfixserver kbqfe kbbug kbfix KB293405
Share
Additional support options
Ask The Microsoft Small Business Support Community
Contact Microsoft Small Business Support
Find Microsoft Small Business Support Certified Partner
Find a Microsoft Store For In-Person Small Business Support