Posting the log entries near the error, including what appears to be the ldif. Thanks. -G. [28/Nov/2006:10:37:08 -0600] - Windows sync entry: Created new remote entry: dn: cn=John Doe,ou=Domain Users,dc=ad,dc=example,dc=com objectClass: top objectClass: person objectClass: organizationalperson objectClass: user userprincipalname: jdoe at ad.example.com samaccountname: jdoe mail: jdoe at example.com userparameters: description: Reference Librarian sn: Doe telephoneNumber: 817-555-1234 codepage:: AAAAAA== cn: John Doe userworkstations: title: Electronic Reference Librarian homeDirectory: profilepath: givenName: John facsimileTelephoneNumber: 817-555-2345 scriptpath: nt_script.bat [28/Nov/2006:10:37:08 -0600] - Attempting to add entry cn=John Doe,ou=Domain Users,dc=ad,dc=example,dc=com to AD for local entry uid=jdoe,ou=people, o=ourorg.org [28/Nov/2006:10:37:08 -0600] NSMMReplicationPlugin - agmt="cn=ldap-ad-5" (boccherini:636): Received result code 21 (00000057: LdapErr: DSID-0C090B38, comment: Error in attribute conversion operation, data 0, vece) for add operation [28/Nov/2006:10:37:08 -0600] NSMMReplicationPlugin - agmt="cn=ldap-ad-5" (boccherini:636): windows_replay_update: Cannot replay add operation. ---------- Original Message ----------- From: Richard Megginson <rmeggins at redhat.com> To: "General discussion list for the Fedora Directory server project." <fedora-directory-users at redhat.com> Sent: Tue, 28 Nov 2006 10:09:32 -0700 Subject: Re: Windows Sync Error > Glenn wrote: > > I'm still trying to get my evaluation copy of Red Hat Directory Server > > 7.1SP3 to sync with Windows Active Directory. The latest hitch is an error > > message following an initial re-synchronization attempt. The Directory > > Server has a few hundred users imported from a Windows NT domain. The > > Active Directory server has none of those users, so the initial re-sync > > should add them to AD. The error occurs when Windows Sync tries to add the > > first user entry to the Active Directory. The message is: > > > > Attempting to add entry cn=John Doe,ou=Domain Users,dc=ad,dc=example,dc=com > > to AD for local entry uid=jdoe,ou=people,o=ourorg.com > > > > Followed by: > > > > (ADserver:636): Received result code 21 (00000057: LdapErr: DSID- 0C090B38, > > comment: Error in attribute conversion operation, data 0, vece) for add > > operation > > > Error 21 is > #define LDAP_INVALID_SYNTAX 0x15 /* 21 */ > > So AD thinks one of the attributes sent over has an invalid value > that doesn't correspond to the syntax it is expecting, or something > like that. It might be helpful if you post the LDIF of the entry it > has problems with, being careful to obscure any private data. > > I would appreciate any insight. Hoping to see if this actually works before > > the 30-day evaluation runs out. Thanks. -Glenn. > >
