Troubleshooting AD Agent - Unable to set some attributes

When you provision users to AD and you have chosen to set attributes from the Terminal Server tab you may encounter warnings instead of success when viewing completed requests.

The audit log may say it could not set some attributes such as Allow Logon. In my testing it would occasionally complain about not being able to set other attributes related to Terminal Services as well.

If you go to your AD Agent on the AD server and enable detailed logging you may see something like this:

errorMessage="Error setting attribute eradwtsallowlogon. Agent Terminal Server support disabled.">

This is the first clue to the problem. Simply run the agentCfg tool and choose option F. Registry Settings, then option A. Modify non-encrypted registry settings, page down using option D. then set WtsEnabled to 'TRUE'.










Try again to provision your users and this time I think you will have more success.

The InstallScript engine is missing from this machine...

If available, please run ISScript.msi, or contact your support personnel for further assistance.

If you are installing the TAM ESSO agent and encounter this message, then it is likely that you are using an older version of ISScript.msi than is required.

I ran into this problem recently and spent a few hours trying to install various versions of ISScript.msi. There is an informative tech note from InstallShield here:

http://consumer.installshield.com/kb.asp?id=Q108158

The problem is that if you try to install any or all of the versions mentioned in the technote you will still get the error message because InstallShield is already up to like version 12 or there abouts.

You can debug your msi by running this from the command line:

msiexec /i yourmsi.msi /l*v C:\Temp\MyMSILog.log

In the log you will see which version of isscript.msi it's trying to use. That would be the version you must install.

Since I'm using TAM ESSO 6.004 it is requiring version 11.5 of isscript.msi. I found the correct version of isscript.msi bundled with the TAM ESSO 6.004 product. You will find it in the Utility folder. The file name is isscript1150.msi.