[Fedora-directory-users] Windows Sync Errors

Glenn glenn at mail.txwes.edu
Tue Jan 2 21:38:50 UTC 2007 

O.K., so I'm guessing there are certain required object classes and 
attributes, and some that are not allowed.  I tried to populate the Active 
Directory using Windows Sync, but it didn't work.  Then I took the ldif file 
I used to populate the DS and tried to import it into AD, but that didn't 
work either.  I found that if I changed some object classes and attributes, 
the ldif would import into AD, but not into DS.  And they would not sync.

For instance, "objectclass: user" does not import into DS, but is required 
for AD.  And "objectclass: inetOrgPerson" imports into DS, but not into AD. 

So if I have some object classes and attributes required for AD that are 
not allowed in DS, and vice-versa, how can I make Windows Sync work?  I'm 
sure I'm missing something here.  I'm including sample ldif entries from each 
import below.  Thanks.   -Glenn.


AD-compatible entry:

dn: cn=Peter Apostle,ou=Domain Users,dc=ad,dc=example,dc=com
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: user
sn: Apostle
cn: Peter Apostle
SAMAccountName: PApostle
userPrincipalName: papostle at ad.example.com
mail: papostle at ad.example.com
facsimiletelephonenumber: 817-531-4806
title: Electronic Reference Librarian
givenname: Peter
businesscategory: EJW Library
roomnumber: EJW Library
employeenumber: 1234567
departmentnumber: Provost
telephonenumber: 817-555-4802
userpassword: {SHA}8/P0XfVT5t9GpNL8MNPH+jdPGA0=
description: Reference Librarian
scriptPath: twu_script.bat
uid: abaker


DS-compatible entry:

dn: cn=Peter Apostle,ou=People,o=example.com
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
sn: Apostle
cn: Peter Apostle
mail: papostle at ad.example.com
facsimiletelephonenumber: 817-555-4806
title: Electronic Reference Librarian
givenname: Peter
businesscategory: EJW Library
roomnumber: EJW Library
employeenumber: 1234567
departmentnumber: Provost
telephonenumber: 817-555-4802
userpassword: {SHA}8/P0XfVT5t9GpNL8MNPH+jdPGA0=
description: Reference Librarian
uid: papostle


---------- Original Message -----------
From: David Boreham <david_list at boreham.org>
To: "General discussion list for the Fedora Directory server project." 
<fedora-directory-users at redhat.com>
Sent: Tue, 02 Jan 2007 10:01:33 -0700
Subject: Re: [Fedora-directory-users] Windows Sync Errors

> Glenn wrote:
> 
> >Hello again.  I'm still trying to get Windows Sync working between 
Directory 
> >Server 7.1sp3 and Active Directory on a Windows 2003 server.  I thought I 
> >would narrow down the problem by trying to add a user in the DS and see if 
it 
> >would replicate to AD.  It does not, and the error message is:
> >
> >[02/Jan/2007:09:58:31 -0600] NSMMReplicationPlugin - agmt="cn=ldap-ad" 
> >(adserver:636): windows_replay_update: Looking at add operation local 
> >dn="uid=PApostle,ou=People,o=txwes.edu" (not ours,not user,not group)
> >
> >The replication agreement specifies that ou=People,o=txwes.edu in the DS 
> >should be synchronized with ou=Domain Users,dc=ad,dc=txwesleyan,dc=edu in 
> >AD.  Both ous exist as specified.
> >
> >Can anyone please suggest what I might try to get this working?  
Thanks.   -
> >Glenn.
> >  
> >
> Based on the information you've provided, the most likely cause is 
> that the entry lacks the appropriate object class and attributes to 
> be sync'ed.
> 
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
------- End of Original Message -------

More information about the Fedora-directory-users mailing list