Windows Replication Agreement Help

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

John A. Sullivan III wrote:
> On Mon, 2010-07-19 at 04:15 -0400, John A. Sullivan III wrote:
>   
>> On Wed, 2010-07-14 at 15:40 -0600, Rich Megginson wrote:
>>     
>>> --[ UxBoD ]-- wrote:
>>>       
>>>> Hi,
>>>>
>>>> We are setting up a new Windows 2K3 AD server and attempting to syncronise the users from our LDAP server version 8.1.0.
>>>>
>>>> Performing the full sync fails after about 30 seconds with a message in the error log:
>>>>
>>>> [14/Jul/2010:07:46:10 -0400] - add value "^V" to attribute type "ARecord" in entry "DC=@,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=domain,DC=com" failed: duplicate new value
>>>> [14/Jul/2010:07:46:10 -0400] - add value "null or non-ASCII" to attribute type "dnsproperty" in entry "DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=domain,DC=com" failed: duplicate new value
>>>>
>>>> and none of the users or groups are sent to AD.  I am guessing it may be how our LDAP server schema is setup as we use something like:
>>>>
>>>> dc=domain,dc=com
>>>> |_ o=Internal
>>>> |___o=a0000
>>>> |____ou=Desktops
>>>> |_____uid=fred
>>>>
>>>> We have set the Windows subtree to be dc=domain,dc=com and the replication subtree to be dc=domain,dc=com with a DS subtree of o=Internal,dc=domain,dc=com.
>>>>
>>>> Our understanding was that within AD Users & Groups GUI we should have seen a similar schema created.
>>>>
>>>> Though for some reason the replication is traversing the whole of the internal AD tree.
>>>>         
>>> Because you set the AD subtree to be dc=domain,dc=com ?
>>>       
>>>> Should we create a new Organisational Unit within AD called, for arguments sake, clients and set the Windows subtree to be ou=clients,dc=domain,dc=com so that it forces it to that branch ?
>>>>   
>>>>         
>>> I think that's the way it was designed.  Usually AD trees have a 
>>> CN=Users,DC=domain,DC=com where all of the user entries live, and 
>>> winsync is designed to work with that sort of structure.
>>>       
>> <snip>
>> Hmm . . . we've rooted AD in dc=myad,dc=domain,dc=com and synchronized
>> at cn=users,dc=myad,dc=domain,dc=com but still have the exact same
>> problem :(
>>     
> <snip>
> I also tried creating an ou in AD, e.g.,
> ou=LDAPUSers,dc=myad,dc=domain,dc=com in case it did not like building
> Organizations under CNs but that also failed - John
>   
Not sure what you mean by "building Organizations" - but it shouldn't 
matter if it is under a CN or not.
>
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
>
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux