Software
               		
               		
               The following software is required to perform these procedures: 
                  		
               
 
               		
                
                  		  
                  - ADSIEdit.msc, the Microsoft AD management console that is shipped with AD LDS. You can run this from the Start menu or from the command
                     line. 
                     		  
                  
  
            	 
            
               Information 
               		
               		
               You will need the following information: 
                  		
               
 
               		
                
                  		  
                  - A user account authorized to make AD schema changes (shown as AD-admin and AD-password below). 
                     		  
                  
- The user account in the domain controlled by your AD server that you will be granting ES administrative authority. 
                     			 
                     To simplify the process we recommend that this account have a name that is no longer than eight characters, ASCII, and has
                        no spaces; and that the account's "Common name" (the name that appears in the list of users on the domain controller, in the
                        Active Directory Users and Computers console) be the same as its "Logon name" (shown in the Account tab of the user's Properties
                        in Users and Computers). Also, you may run into problems if this account exists both on the domain and the local computer,
                        with the same name but with different passwords. 
                        			 
                      This account is shown as ES-admin and ES-password below. 
                        			 
                      
- The location of the AD server (shown as servername below). 
                     		  
                  
- The DN of the AD domain (shown as domain-DN below). Normally, this will be the fully-qualified domain name of the AD host,
                     minus the hostname, with each segment of the name listed as a separate DC element, so for example server.dept.mydom.com would
                     use: 
                     			 
                      
                        				 DC=dept,DC=mydom,DC=com 
                        			 
                      
 
            	 
            
               Preparation
               		 
               		
                This procedure assumes that you have already:
                  		
               
               		
               
                  		  
                  - Configured your Active Directory schema and repository for ES LDAP-based security.
                     		  
                  
-  Installed an Enterprise Server product on at least one system.