Glenn wrote: > I wasn't thinking when I said the directory server data was imported from > NT. It actually came from a Netscape Directory server. Just as a test, I > exported a few users to an ldif file and tried to use the ldifde on the W2003 > domain controller to import them. It seems to find a syntax error on every > line in the file, making it impossible to narrow it down. > Do you have any trailing white space in those values? > I can't possibly be the only person who has run into this problem. Hoping > someone can shed some light. Thanks. -Glenn. > > > ---------- Original Message ----------- > From: Richard Megginson <rmeggins at redhat.com> > To: "General discussion list for the Fedora Directory server project." > <fedora-directory-users at redhat.com> > Sent: Tue, 28 Nov 2006 10:46:52 -0700 > Subject: Re: Windows Sync Error > > >> Glenn wrote: >> >>> Posting the log entries near the error, including what appears to be the >>> ldif. Thanks. -G. >>> >>> [28/Nov/2006:10:37:08 -0600] - Windows sync entry: Created new remote >>> > entry: > >>> dn: cn=John Doe,ou=Domain Users,dc=ad,dc=example,dc=com >>> objectClass: top >>> objectClass: person >>> objectClass: organizationalperson >>> objectClass: user >>> userprincipalname: jdoe at ad.example.com >>> samaccountname: jdoe >>> mail: jdoe at example.com >>> userparameters: >>> description: Reference Librarian >>> sn: Doe >>> telephoneNumber: 817-555-1234 >>> codepage:: AAAAAA== >>> cn: John Doe >>> userworkstations: >>> title: Electronic Reference Librarian >>> homeDirectory: >>> profilepath: >>> givenName: John >>> facsimileTelephoneNumber: 817-555-2345 >>> scriptpath: nt_script.bat >>> >>> [28/Nov/2006:10:37:08 -0600] - Attempting to add entry cn=John >>> > Doe,ou=Domain > >>> Users,dc=ad,dc=example,dc=com to AD for local entry uid=jdoe,ou=people, >>> o=ourorg.org >>> [28/Nov/2006:10:37:08 -0600] NSMMReplicationPlugin - agmt="cn=ldap-ad-5" >>> (boccherini:636): Received result code 21 (00000057: LdapErr: DSID- >>> > 0C090B38, > >>> comment: Error in attribute conversion operation, data 0, vece) for add >>> operation >>> [28/Nov/2006:10:37:08 -0600] NSMMReplicationPlugin - agmt="cn=ldap-ad-5" >>> (boccherini:636): windows_replay_update: Cannot replay add operation. >>> >>> >> It's hard to tell without knowing which attribute is complaining >> about. But I would guess that, since this data has been migrated >> from NT4, some of the attributes have changed syntax, and MS AD does >> not like the old values, or perhaps doesn't like the empty values. >> >>> ---------- Original Message ----------- >>> From: Richard Megginson <rmeggins at redhat.com> >>> To: "General discussion list for the Fedora Directory server project." >>> <fedora-directory-users at redhat.com> >>> Sent: Tue, 28 Nov 2006 10:09:32 -0700 >>> Subject: Re: Windows Sync Error >>> >>> >>> >>>> Glenn wrote: >>>> >>>> >>>>> I'm still trying to get my evaluation copy of Red Hat Directory Server >>>>> 7.1SP3 to sync with Windows Active Directory. The latest hitch is an >>>>> >>>>> >>> error >>> >>> >>>>> message following an initial re-synchronization attempt. The Directory >>>>> Server has a few hundred users imported from a Windows NT domain. The >>>>> Active Directory server has none of those users, so the initial re-sync >>>>> should add them to AD. The error occurs when Windows Sync tries to add >>>>> >>>>> >>> the >>> >>> >>>>> first user entry to the Active Directory. The message is: >>>>> >>>>> Attempting to add entry cn=John Doe,ou=Domain >>>>> >>>>> >>> Users,dc=ad,dc=example,dc=com >>> >>> >>>>> to AD for local entry uid=jdoe,ou=people,o=ourorg.com >>>>> >>>>> Followed by: >>>>> >>>>> (ADserver:636): Received result code 21 (00000057: LdapErr: DSID- >>>>> >>>>> >>> 0C090B38, >>> >>> >>>>> comment: Error in attribute conversion operation, data 0, vece) for add >>>>> operation >>>>> >>>>> >>>>> >>>> Error 21 is >>>> #define LDAP_INVALID_SYNTAX 0x15 /* 21 */ >>>> >>>> So AD thinks one of the attributes sent over has an invalid value >>>> that doesn't correspond to the syntax it is expecting, or something >>>> like that. It might be helpful if you post the LDIF of the entry it >>>> has problems with, being careful to obscure any private data. >>>> >>>> >>>>> I would appreciate any insight. Hoping to see if this actually works >>>>> >>>>> >>> before >>> >>> >>>>> the 30-day evaluation runs out. Thanks. -Glenn. >>>>> >>>>> >>>>> > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3178 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20061128/032cf99b/attachment.bin
