I have deployed the ad_response probe and have successfully configured the Response and Search profiles; however I am having problems with the Replication profiles (both Read and Write). The only way I can get it to work is to use an account with Domain Administrator privileges for the LDAP credentials. If I use the Service Account that has been created specifically for Nimsoft, I get an error saying "Selected attribute is not allowed on this object" even if the profile is set to use the same account as for the log on (see screenshots attached). I have searched through the documentation and cannot find any reference to what rights need to be assigned for the account so it can read and write to the selected attribute. Our company policy is to use non-Admin accounts with delegated rights wherver possible so any help that avoids me having to configure an Admin account would be greatly appreciated.