Posting the log entries near the error, including what appears to be the
ldif. Thanks. -G.
[28/Nov/2006:10:37:08 -0600] - Windows sync entry: Created new remote entry:
dn: cn=John Doe,ou=Domain Users,dc=ad,dc=example,dc=com
objectClass: top
objectClass: person
objectClass: organizationalperson
objectClass: user
userprincipalname: jdoe(a)ad.example.com
samaccountname: jdoe
mail: jdoe(a)example.com
userparameters:
description: Reference Librarian
sn: Doe
telephoneNumber: 817-555-1234
codepage:: AAAAAA==
cn: John Doe
userworkstations:
title: Electronic Reference Librarian
homeDirectory:
profilepath:
givenName: John
facsimileTelephoneNumber: 817-555-2345
scriptpath: nt_script.bat
[28/Nov/2006:10:37:08 -0600] - Attempting to add entry cn=John Doe,ou=Domain
Users,dc=ad,dc=example,dc=com to AD for local entry uid=jdoe,ou=people,
o=ourorg.org
[28/Nov/2006:10:37:08 -0600] NSMMReplicationPlugin - agmt="cn=ldap-ad-5"
(boccherini:636): Received result code 21 (00000057: LdapErr: DSID-0C090B38,
comment: Error in attribute conversion operation, data 0, vece) for add
operation
[28/Nov/2006:10:37:08 -0600] NSMMReplicationPlugin - agmt="cn=ldap-ad-5"
(boccherini:636): windows_replay_update: Cannot replay add operation.
---------- Original Message -----------
From: Richard Megginson <rmeggins(a)redhat.com>
To: "General discussion list for the Fedora Directory server project."
<fedora-directory-users(a)redhat.com>
Sent: Tue, 28 Nov 2006 10:09:32 -0700
Subject: Re: [Fedora-directory-users] Windows Sync Error
Glenn wrote:
> I'm still trying to get my evaluation copy of Red Hat Directory Server
> 7.1SP3 to sync with Windows Active Directory. The latest hitch is an
error
> message following an initial re-synchronization attempt. The
Directory
> Server has a few hundred users imported from a Windows NT domain. The
> Active Directory server has none of those users, so the initial re-sync
> should add them to AD. The error occurs when Windows Sync tries to add
the
> first user entry to the Active Directory. The message is:
>
> Attempting to add entry cn=John Doe,ou=Domain
Users,dc=ad,dc=example,dc=com
> to AD for local entry
uid=jdoe,ou=people,o=ourorg.com
>
> Followed by:
>
> (ADserver:636): Received result code 21 (00000057: LdapErr: DSID-
0C090B38,
> comment: Error in attribute conversion operation, data 0, vece)
for add
> operation
>
Error 21 is
#define LDAP_INVALID_SYNTAX 0x15 /* 21 */
So AD thinks one of the attributes sent over has an invalid value
that doesn't correspond to the syntax it is expecting, or something
like that. It might be helpful if you post the LDIF of the entry it
has problems with, being careful to obscure any private data.
> I would appreciate any insight. Hoping to see if this actually works
before
> the 30-day evaluation runs out. Thanks. -Glenn.
>