Vaughan Harper's blog ISDS A gotcha when installing IBM Security Directory Server on Windows 2012 R2…
A gotcha when installing IBM Security Directory Server on Windows 2012 R2…

ISDS

A gotcha when installing IBM Security Directory Server on Windows 2012 R2…

If you are installing IBM Security Directory Server on Windows 2012 R2 then ensure you disable User Account Control (UAC) by doing the following:

1. Go to Control Panel -> User Accounts -> User Accounts, click Change User Account Control settings, then select Never notify.

2. Navigate to the following registry subkey:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
set ‘EnableLUA’ to 0
and set ‘ConsentPromptBehaviorAdmin’ to 0.

It is also worth creating a local admin account (not a domain admin account), and doing all the installation work as that user.

I found that if you don’t disable UAC, after creating an LDAP instance, when I tried to start ibmslapd.exe from a command prompt (as a user which is a member of the Administrators group), I had the following error:

GLPSRV200I Initializing primary database and its connections.
Binding to config failed! rc = 91
Turn on ldtrc for detail errors

I also found that if you log in as Administrator (and don’t disable UAC) it is possible to run ibmslapd.exe from a command prompt, but it won’t run as a service.

Vaughan

Written by Vaughan

Leave a Reply

Your email address will not be published. Required fields are marked *