|
List Info
Thread: FDS-ADS Sync
|
|
| FDS-ADS Sync |
 
United States |
2007-04-05 18:13:28 |
So I got the Windows Sync Agreement working.
Windows side:
cn=Users,dc=foo,dc=org
FDS side:
ou=Users,l=Portland,c=US,dc=foo,dc=org
SSL certs are properly exchanged between the two, user
passwords sync
correctly, and accounts removed or added on either side are
sync'd
correctly.
Then suddenly less than 24hrs later, users on the ADS side
suddenly
start being removed from email distribution groups. Client
panics and
shuts down the FDS server, which appears to be the only
change in the
last few days. The accounts had been stable for much time.
Aside from asking the obvious of what would cause this, I'm
curious
where I should start hunting (log level tweaks.. ADS logs,
etc).
Here are some errors I found on the ADS side. These might
be the client
correcting the errors, not the original error itself:
errors:[04/Apr/2007:09:44:53 -0700] - add value
"uid=Finintern,ou=Users,l=Portland,c=US,
dc=foo,dc=org" to
attribute type "uniqueMember" in entry
"cn=FINANCE,ou=Users,l=Portland,c=US,
dc=foo,dc=org" failed:
value exists
errors:[04/Apr/2007:10:54:53 -0700] - add value
"uid=Finintern,ou=Users,l=Portland,c=US,
dc=foo,dc=org" to
attribute type "uniqueMember" in entry
"cn=MAS90,ou=Users,l=Portland,c=US, dc=foo,dc=org"
failed: value
exists
errors:[04/Apr/2007:11:54:53 -0700] - add value
"uid=sharrison,ou=Users,l=Portland,c=US,
dc=foo,dc=org" to
attribute type "uniqueMember" in entry
"cn=Raisers
Edge,ou=Users,l=Portland,c=US, dc=foo,dc=org" failed:
value exists
--
Kris S. Amundson
Founder, CIO GPG Key: D6D39F2C
OpenSourcery, LLC. http://www.opensourcery.
com/
--
Fedora-directory-users mailing list
Fedora-directory-users redhat.com
https://www.redhat.com/mailman/listinfo/fedora-dir
ectory-users
|
|
| Re: FDS-ADS Sync |
United States |
2007-04-05 20:49:09 |
FWIW, the same thing happened to me when we setup our FDS-AD
sync
agreements. I can't say definitely, but the problem went
away after we
stopped using the Fedora Console for user and group
management. We wrote our
own tools to manage the directory data, and the disappearing
users problem
went away. I'm not saying that the console is the cause,
just throwing that
out there.
Good luck.
-richard
On 4/5/07 4:13 PM, "Kris S. Amundson"
<krisaopensourcery.com> wrote:
> So I got the Windows Sync Agreement working.
>
> Windows side:
> cn=Users,dc=foo,dc=org
>
> FDS side:
> ou=Users,l=Portland,c=US,dc=foo,dc=org
>
> SSL certs are properly exchanged between the two, user
passwords sync
> correctly, and accounts removed or added on either side
are sync'd
> correctly.
>
> Then suddenly less than 24hrs later, users on the ADS
side suddenly
> start being removed from email distribution groups.
Client panics and
> shuts down the FDS server, which appears to be the only
change in the
> last few days. The accounts had been stable for much
time.
>
> Aside from asking the obvious of what would cause this,
I'm curious
> where I should start hunting (log level tweaks.. ADS
logs, etc).
>
> Here are some errors I found on the ADS side. These
might be the client
> correcting the errors, not the original error itself:
>
> errors:[04/Apr/2007:09:44:53 -0700] - add value
> "uid=Finintern,ou=Users,l=Portland,c=US,
dc=foo,dc=org" to
> attribute type "uniqueMember" in entry
> "cn=FINANCE,ou=Users,l=Portland,c=US,
dc=foo,dc=org" failed:
> value exists
>
> errors:[04/Apr/2007:10:54:53 -0700] - add value
> "uid=Finintern,ou=Users,l=Portland,c=US,
dc=foo,dc=org" to
> attribute type "uniqueMember" in entry
> "cn=MAS90,ou=Users,l=Portland,c=US,
dc=foo,dc=org" failed: value
> exists
>
> errors:[04/Apr/2007:11:54:53 -0700] - add value
> "uid=sharrison,ou=Users,l=Portland,c=US,
dc=foo,dc=org" to
> attribute type "uniqueMember" in entry
"cn=Raisers
> Edge,ou=Users,l=Portland,c=US, dc=foo,dc=org"
failed: value exists
--
Fedora-directory-users mailing list
Fedora-directory-usersredhat.com
https://www.redhat.com/mailman/listinfo/fedora-dir
ectory-users
|
|
[1-2]
|
|