> > All you need is to have entries that are 'syncable'. On the FDS side > this means > special objectclass and attribute values. On the AD side it only > means having the entries in the container configured in the sync agreement. If I have entries in DS that do not exist in AD, and I "Initiate Full Re- synchronization", then these entries should be created in AD, correct? And if so, they should be 'syncable'? But this does not happen in my case. Entries created in DS are rejected with the error messages, windows_replay_update: Looking at add operation local dn="uid=fprefect,ou=People,o=txwes.edu" (not ours,not user,not group) and windows_process_total_entry: Looking dn="uid=fprefect,ou=People,o=txwes.edu" (not ours) So I guess the question now is, what special object classes or attribute values do I need to add to a DS entry in order to make it replicate to AD? Here is what the DS entry looks like now as exported to ldif: dn: uid=fprefect,ou=People,o=txwes.edu telephoneNumber: 817-555-4000 mail: frprefect at ad.txwesleyan.edu uid: fprefect givenName: Ford objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetorgperson sn: Prefect cn: Ford Prefect creatorsname: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot modifiersname: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot createtimestamp: 20070108161609Z modifytimestamp: 20070108161609Z nsuniqueid: 7608d381-1dd211b2-802a98a3-2f8c0000 parentid: 1352 entryid: 1914 entrydn: uid=fprefect,ou=people,o=txwes.edu numsubordinates: 0 subschemasubentry: cn=schema hassubordinates: FALSE
