[389-users] loss of group members in AD after initialization of sync

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



hello,

When I initiate a first full synchronization of DS and AD I lost members in groups

error log shows :

[10/Jun/2009:15:00:07 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): map_entry_dn_inbound: looking for local entry matching AD entry [CN=SFC,OU=groupes,OU=DR15,DC=ad,DC=dr15,DC=cnrs,DC=fr] [10/Jun/2009:15:00:07 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): map_entry_dn_inbound: looking for local entry by guid [c0e73a492ffbc04c9e85781a68f45023] [10/Jun/2009:15:00:07 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): map_entry_dn_inbound: problem looking for guid: -1 [10/Jun/2009:15:00:07 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): map_entry_dn_inbound: looking for local entry by uid [SFC]
[...]
[10/Jun/2009:15:00:11 +0200] - Windows sync entry: Adding new local entry dn: cn=SFC,OU=groupes,ou=DR15,dc=ad,dc=dr15, dc=cnrs, dc=fr
objectClass: top
objectClass: groupofuniquenames
objectClass: ntGroup
ntGroupDeleteGroup: true
cn: SFC
description: Service Financier et Comptable
uniqueMember: uid=essaibug,OU=utilisateurs,ou=DR15,dc=ad,dc=dr15, dc=cnrs, dc=
fr
uniqueMember:[...]
follow 10 members

[...]
[10/Jun/2009:15:00:24 +0200] NSMMReplicationPlugin - received entry from dirsync: CN=MX,OU=utilisateurs,OU=DR15,DC=ad,DC=dr15,DC=cnrs,DC=fr [10/Jun/2009:15:00:24 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): map_entry_dn_inbound: looking for local entry matching AD entry [CN=MX,OU=utilisateurs,OU=DR15,DC=ad,DC=dr15,DC=cnrs,DC=fr] [10/Jun/2009:15:00:24 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): map_entry_dn_inbound: looking for local entry by guid [0cdf6e627d64684cb10c70b3b8753fda] [10/Jun/2009:15:00:24 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): map_entry_dn_inbound: problem looking for guid: -1 [10/Jun/2009:15:00:24 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): map_entry_dn_inbound: looking for local entry by uid [MX] [10/Jun/2009:15:00:24 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): map_entry_dn_inbound: problem looking for username: -1 [10/Jun/2009:15:00:24 +0200] - Windows sync entry: Adding new local entry dn: uid=MX,OU=utilisateurs,ou=DR15,dc=ad,dc=dr15, dc=cnrs, dc=fr
objectClass: top
objectClass: person
objectClass: organizationalperson
objectClass: inetOrgPerson
objectClass: ntUser
ntUserDeleteAccount: true
uid: MX
sn: MX
givenName: Guillaume
cn: MX
ntUserCodePage: 0
ntUserAcctExpires: 0
ntUserDomainId: MX
mail: Guillaume.MX@xxxxxxxxxxxx
ntUniqueId: 0cdf6e627d64684cb10c70b3b8753fda


[10/Jun/2009:15:01:34 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): windows_process_total_entry: Looking dn="cn=SFC,OU=groupes,ou=DR15,dc=ad,dc=dr15, dc=cnrs, dc=fr" (ours) [10/Jun/2009:15:01:34 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): map_entry_dn_outbound: looking for AD entry for DS dn="cn=SFC,OU=groupes,ou=DR15,dc=ad,dc=dr15, dc=cnrs, dc=fr" guid="c0e73a492ffbc04c9e85781a68f45023" [10/Jun/2009:15:01:34 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): map_entry_dn_outbound: looking for AD entry for DS dn="cn=SFC,OU=groupes,ou=DR15,dc=ad,dc=dr15, dc=cnrs, dc=fr" username="SFC"
[10/Jun/2009:15:01:34 +0200] - Calling windows entry search request plugin
[10/Jun/2009:15:01:34 +0200] - windows_search_entry: recieved 2 messages, 1 entries, 0 references [10/Jun/2009:15:01:34 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): map_entry_dn_outbound: found AD entry dn="CN=SFC,OU=groupes,OU=DR15,DC=ad,DC=dr15,DC=cnrs,DC=fr"
[10/Jun/2009:15:01:34 +0200] - Calling windows entry search request plugin
[10/Jun/2009:15:01:34 +0200] - windows_search_entry: recieved 2 messages, 1 entries, 0 references [10/Jun/2009:15:01:34 +0200] NSMMReplicationPlugin - windows_generate_update_mods: CN=SFC,OU=groupes,OU=DR15,DC=ad,DC=dr15,DC=cnrs,DC=fr, description : values are equal [10/Jun/2009:15:01:35 +0200] - map_dn_values: no local entry found for uid=essaibug,OU=utilisateurs,ou=DR15,dc=ad,dc=dr15, dc=cnrs, dc=fr
[10/Jun/2009:15:01:35 +0200] - map_dn_values: no local entry found for uid=

[follow 10 entries,]

[10/Jun/2009:15:01:35 +0200] - Calling windows entry search request plugin
[10/Jun/2009:15:01:35 +0200] - windows_search_entry: recieved 2 messages, 1 entries, 0 references [10/Jun/2009:15:01:35 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): map_entry_dn_inbound: looking for local entry matching AD entry [CN=essaibug,OU=utilisateurs,OU=DR15,DC=ad,DC=dr15,DC=cnrs,DC=fr] [10/Jun/2009:15:01:35 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): map_entry_dn_inbound: looking for local entry by guid [72a7171ffaa0d84a9ca4ec2d90a4ab2b] [10/Jun/2009:15:01:35 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): map_entry_dn_inbound: problem looking for guid: -1 [10/Jun/2009:15:01:35 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): map_entry_dn_inbound: looking for local entry by uid [essaibug] [10/Jun/2009:15:01:35 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): map_entry_dn_inbound: problem looking for username: -1
[10/Jun/2009:15:01:35 +0200] - Calling windows entry search request plugin
[10/Jun/2009:15:01:35 +0200] - windows_search_entry: recieved 2 messages, 1 entries, 0 references

[10/Jun/2009:15:01:38 +0200] NSMMReplicationPlugin - windows_generate_update_mods: CN=SFC,OU=groupes,OU=DR15,DC=ad,DC=dr15,DC=cnrs,DC=fr, sAMAccountName : values are equal
[10/Jun/2009:15:01:38 +0200] - smod - windows sync
[10/Jun/2009:15:01:38 +0200] - smod 0 - delete: member
[10/Jun/2009:15:01:38 +0200] - smod 0 - value: member: CN=essaibug,OU=utilisateurs,OU=DR15,DC=ad,DC=dr15,DC=cnrs,DC=fr
[10/Jun/2009:15:01:38 +0200] - smod 1 - delete: member
[10/Jun/2009:15:01:38 +0200] - smod 1 - value: member:

[follow the 10 entries]

[10/Jun/2009:15:01:39 +0200] NSMMReplicationPlugin - windows_update_remote_entry: modifying entry CN=SFC,OU=groupes,OU=DR15,DC=ad,DC=dr15,DC=cnrs,DC=fr [10/Jun/2009:15:01:39 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): Received result code 0 () for modify operation

[10/Jun/2009:15:01:55 +0200] - map_dn_values: no local entry found for uid=essaibug,OU=utilisateurs,ou=DR15,dc=ad,dc=dr15, dc=cnrs, dc=fr

[10/Jun/2009:15:05:51 +0200] NSMMReplicationPlugin - received entry from dirsync: CN=essaibug,OU=utilisateurs,OU=DR15,DC=ad,DC=dr15,DC=cnrs,DC=fr [10/Jun/2009:15:05:51 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): map_entry_dn_inbound: looking for local entry matching AD entry [CN=essaibug,OU=utilisateurs,OU=DR15,DC=ad,DC=dr15,DC=cnrs,DC=fr] [10/Jun/2009:15:05:51 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): map_entry_dn_inbound: looking for local entry by guid [72a7171ffaa0d84a9ca4ec2d90a4ab2b] [10/Jun/2009:15:05:51 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): map_entry_dn_inbound: problem looking for guid: -1 [10/Jun/2009:15:05:51 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): map_entry_dn_inbound: looking for local entry by uid [essaibug] [10/Jun/2009:15:05:51 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): map_entry_dn_inbound: problem looking for username: -1 [10/Jun/2009:15:05:52 +0200] - Windows sync entry: Adding new local entry dn: uid=essaibug,OU=utilisateurs,ou=DR15,dc=ad,dc=dr15, dc=cnrs, dc=fr
objectClass: top
objectClass: person
objectClass: organizationalperson
objectClass: inetOrgPerson
objectClass: ntUser
ntUserDeleteAccount: true
uid: essaibug
sn: essaibug
cn: essaibug
ntUserCodePage: 0
ntUserAcctExpires: 9223372036854775807
ntUserDomainId: essaibug
ntUniqueId: 72a7171ffaa0d84a9ca4ec2d90a4ab2b

[10/Jun/2009:15:07:13 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): map_entry_dn_outbound: looking for AD entry for DS dn="uid=essaibug,OU=utilisateurs,ou=DR15,dc=ad,dc=dr15, dc=cnrs, dc=fr" guid="72a7171ffaa0d84a9ca4ec2d90a4ab2b" [10/Jun/2009:15:07:13 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): map_entry_dn_outbound: looking for AD entry for DS dn="uid=essaibug,OU=utilisateurs,ou=DR15,dc=ad,dc=dr15, dc=cnrs, dc=fr" username="essaibug"
[10/Jun/2009:15:07:13 +0200] - Calling windows entry search request plugin
[10/Jun/2009:15:07:13 +0200] - windows_search_entry: recieved 2 messages, 1 entries, 0 references [10/Jun/2009:15:07:13 +0200] NSMMReplicationPlugin - agmt="cn=zebigbos" (zebigbos:636): map_entry_dn_outbound: found AD entry dn="CN=essaibug,OU=utilisateurs,OU=DR15,DC=ad,DC=dr15,DC=cnrs,DC=fr"

(following the translation of google)
I suppose that during the initialization of the replication, groups have lost members (group sfc) with the logs in order explicit removal of the member in the group, sent by the DS to AD. The most likely explanation and that the process is sequential but with a dispatch from AD to DS-anarchic, with a group can be created before members in DS users. these are leading to a later stage in a request for suppresssion AD DS to members of the group that did not exist before the creation of the group. This is "normal" since DS checks the consistency of information and therefore the group members. The solution to this problem is to create manually in the AD to add the lost members in the group or may be to initialize sync twice in a closed time.

The administrator of the Windows server and the AD insulted me as a result of this blunder
I asked him if he had a backup of the AD. he had not

--

Jean-Noel Chardron


--
389 users mailing list
389-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users

[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux