Re: Windows Sync: Full re-syncronization fails

Rich Megginson <rmeggins@xxxxxxxxxx> · Thu, 09 Oct 2008 07:20:18 -0600

Erling Ringen Elvsrud wrote:
I have just configured Windows sync (I use RHDS 8.0/RHEL 5.1). When
initiating a full re-syncronization I get these log-entries from the
Linux side:

[03/Oct/2008:13:05:40 +0200] NSMMReplicationPlugin - Running Dirsync
[03/Oct/2008:13:05:40 +0200] NSMMReplicationPlugin -
agmt="cn=testsync" (e24dcvw001:389): State: wait_for_changes ->
wait_for_changes
[03/Oct/2008:13:05:40 +0200] NSMMReplicationPlugin -
agmt="cn=testsync" (e24dcvw001:389): State: wait_for_changes ->
ready_to_acquire_replica
[03/Oct/2008:13:05:40 +0200] - acquire_replica, supplier RUV:
[03/Oct/2008:13:05:40 +0200] NSMMReplicationPlugin - supplier:
{replicageneration} 48e5d6030000ffff0000
[03/Oct/2008:13:05:40 +0200] - acquire_replica, consumer RUV:
[03/Oct/2008:13:05:40 +0200] NSMMReplicationPlugin - consumer:
{replicageneration} 48e5d6030000ffff0000
[03/Oct/2008:13:05:40 +0200] NSMMReplicationPlugin -
agmt="cn=testsync" (e24dcvw001:389): Trying non-secure slapi_ldap_init
[03/Oct/2008:13:05:40 +0200] NSMMReplicationPlugin -
agmt="cn=testsync" (e24dcvw001:389): binddn = Cn=srvLinuxLDAP,
cn=users,dc=utv,dc=internsone2,dc=local,  passwd =
{DES}5OZLz0E4j2onl1VNZhRT3g==
[03/Oct/2008:13:05:40 +0200] - windows_conn_connect : detected Win2k3 peer
[03/Oct/2008:13:05:40 +0200] NSMMReplicationPlugin -
agmt="cn=testsync" (e24dcvw001:389): No linger to cancel on the
connection
[03/Oct/2008:13:05:40 +0200] NSMMReplicationPlugin -
windows_acquire_replica returned success (101)
[03/Oct/2008:13:05:40 +0200] NSMMReplicationPlugin -
agmt="cn=testsync" (e24dcvw001:389): State: ready_to_acquire_replica
-> sending_updates
[03/Oct/2008:13:05:40 +0200] NSMMReplicationPlugin -
agmt="cn=testsync" (e24dcvw001:389): No changes to send
[03/Oct/2008:13:05:40 +0200] - Sending dirsync search request
[03/Oct/2008:13:05:40 +0200] NSMMReplicationPlugin -
agmt="cn=testsync" (e24dcvw001:389): Beginning linger on the
connection
[03/Oct/2008:13:05:40 +0200] NSMMReplicationPlugin -
agmt="cn=testsync" (e24dcvw001:389): Linger timeout has expired on the
connection
[03/Oct/2008:13:05:40 +0200] NSMMReplicationPlugin -
agmt="cn=testsync" (e24dcvw001:389): State: sending_updates ->
wait_for_changes
[03/Oct/2008:13:05:40 +0200] NSMMReplicationPlugin -
agmt="cn=testsync" (e24dcvw001:389): Disconnected from the consumer

>From the AD side I get this in the event-log:

Internal event: The LDAP server returned an error.

Additional Data
Error value:
00002105: LdapErr: DSID-0C0907C9, comment: Error processing control,
data 0, vece

Anyone familiar with these problems?

Looks like AD received an invalid LDAP message.  I've seen this before 
when the DirSync control is not formed correctly.  But I'm not sure how 
this could happen.  I suggest running tcpdump or wireshark to capture 
the LDAP traffic between Fedora DS and AD to see what LDAP message is 
being sent.
Do you know if it is possible to log all ldap-queries sent to AD from DS? I have
enabled all possible logging, but I cannot find the query from the full re-sync
operation in the logs.

Best regards,

Erling

--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users

<<attachment: smime.p7s>>
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users