Extending Active Directory Schema for Bitlocker recovery information

Giganews Newsgroups
Subject: Extending Active Directory Schema for Bitlocker recovery information
Posted by:  Ragnar (Ragn…@noemail.noemail)
Date: Sat, 17 Feb 2007

Hi

I'm performing the BitLocker Active Directory schema extension with the
commands and files described in the "Configuring Active Directory to Back up
Windows BitLocker Drive Encryption and Trusted Platform Module Recovery
Information". However ldifde stops at step 13 and gives the following error:

------------------------------------------------------------------------------------------------------------------------
13:
CN=ms-TPM-OwnerInformation,CN=Schema,CN=Configuration,DC=testdomain,dc=com
Entry DN:
CN=ms-TPM-OwnerInformation,CN=Schema,CN=Configuration,DC=testdomain,dc=com
changetype: modify
Attribute 0) searchFlags:152

Add error on line 223: Unwilling To Perform
The server side error is "The search flags for the attribute are invalid.
The ANR bit is valid only on attributes of Unicode or Teletex strings."
6 entries modified successfully.
An error has occurred in the program
------------------------------------------------------------------------------------------------------------------------

Btw, line 223 in the ldif file is the first line above "13:
CN=ms-TPM-OwnerInformation,CN..."

Anyone experienced this?

Thanks.

/Ragnar

Replies