Active Directory Driver Not Creating Users

Hi All

I have a really weird problem here. My AD driver is setup to do a
mirror sync of Edirectory one way. All changes to existing objects
(passwords etc) are syncing perfectly but when a new user is created
they never appear in AD. Here is the weird bit. When I look at the trace
it looks like all has worked. The user gets an association and the trace
says in bright green SUCCESS. 

If anyone has any ideas it would be greatly appreciated.

Thanks in advance.

Magteq


-- 
Magteq
------------------------------------------------------------------------



0
Magteq
5/11/2010 1:56:02 AM
novell.id-manager.drivers 10360 articles. 2 followers. Follow

12 Replies
499 Views

Similar Articles

[PageSpeed] 48

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Post the trace, please, from a trace file written directly from a driver
(no color, no ndstrace, etc.) which is specified directly below the trace
level field.

Good luck.





On 05/10/2010 07:56 PM, Magteq wrote:
> 
> Hi All
> 
> I have a really weird problem here. My AD driver is setup to do a
> mirror sync of Edirectory one way. All changes to existing objects
> (passwords etc) are syncing perfectly but when a new user is created
> they never appear in AD. Here is the weird bit. When I look at the trace
> it looks like all has worked. The user gets an association and the trace
> says in bright green SUCCESS. 
> 
> If anyone has any ideas it would be greatly appreciated.
> 
> Thanks in advance.
> 
> Magteq
> 
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJL6MQxAAoJEF+XTK08PnB5luYP+wZ9VE7KrTgfKpucGsYWD3Pg
WkK7r0G+dm68O4JRYSY1nkBVISrttr3eqF8+WAJK5PPZWUfkTol/kOp5DBygxjaE
g04BGkL/9c4cRc/I1+0QtTYLspotG2Y0X6qvlsCT3dI7MStppzCPXd/LTgxu8acA
N7Jm23RzsSxdx57fbTU/ke6GWeJFW0ICGUulBw02HN63vFew+B0DKmzflJAccIXC
FXYUbjPwVLMo9J8W09GhS1sNgPjFuuI4LY/gu+Ifb+fyFf5wdO7OrCFg91kW3r67
jqTNEO7wguTes8HKZ63KGGYWgo3HO85Gp9OKAcbGjJjBUqQCFIUlyhS7ycnABDPJ
sIzfeY166I2l6Zzv9eOF0VuNcYSUhHPcCbdqMPGVW5jUuytWMTGCRM/MHUVfrmJ6
w74rGXxdECrixLm4HtccnIDExqpFKV50xE4WC2ti1jVOPoUGeZjHfvuMymo4diRW
SrQNRcT9mrPlnysTFAMbGsvij42DBG3acVNmMprsVtNHumiAiK31riNNhhy0fj/S
bgWCrIu+/xx5AHdDy3n5vbbQmufhet6sQ5DTEln4aOGVK08MecgM76xKagBH/xtH
eSLMLgenNamZ+2KcuTh5m0cVi6DgHQtuA+TZ9khibt4g3L+2zMXyLh+9VdbFtVaq
1MoalF0AV4FGB5izdqlj
=F1dN
-----END PGP SIGNATURE-----
0
ab
5/11/2010 2:43:29 AM
Sorry it's so long but here it is. This is part1 part 2 is in the
nextpost.

Many thanks again

Magteq

16:05:33 98EFDBA0 Drvrs: AD2 ST: (if-xpath true "self::status[@level =
'success']/operation-data/windows-2000-logon-name") = FALSE.
05/11/10
16:05:33 98EFDBA0 Drvrs: AD2 ST: Rule rejected.
16:05:33 98EFDBA0 Drvrs: AD2 ST:Policy returned:
16:05:33 98EFDBA0 Drvrs: AD2 ST:
<nds dtdversion="3.5" ndsversion="8.x">
<source>
<product version="3.6.0.4294">DirXML</product>
<contact>Novell, Inc.</contact>
</source>
<input>
<add class-name="user" dest-dn="CN=test
person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au"
event-id="N-IDM-GM#20100511060533#5#2"
qualified-src-dn="O=msb\OU=2016\CN=testperson2"
src-dn="\MSB\msb\2016\testperson2" src-entry-id="42890">
<add-attr attr-name="description">
<value timestamp="1273557933#3" type="string">Graduating Class of
2016</value>
</add-attr>
<add-attr attr-name="displayName">
<value timestamp="1273557933#14" type="string">test person2</value>
</add-attr>
<add-attr attr-name="givenName">
<value timestamp="1273557933#8" type="string">test</value>
</add-attr>
<add-attr attr-name="sn">
<value timestamp="1273557933#15" type="string">person2</value>
</add-attr>
<add-attr attr-name="sAMAccountName">
<value type="string">testperson2</value>
</add-attr>
<add-attr attr-name="dirxml-uACAccountDisable">
<value type="string">false</value>
</add-attr>
<password><!-- content suppressed --></password>
<operation-data unmatched-src-dn="CN=testperson2,OU=2016">
<password-subscribe-status>
<association/>
</password-subscribe-status>
</operation-data>
</add>
</input>
</nds>
16:05:33 98EFDBA0 Drvrs: AD2 ST:Applying policy: Password(Sub)-Pub
Email Notifications.
16:05:33 98EFDBA0 Drvrs: AD2 ST: Applying to add #1.
16:05:33 98EFDBA0 Drvrs: AD2 ST: Evaluating selection criteria for rule
'Send e-mail for a failed publish password operation'.
16:05:33 98EFDBA0 Drvrs: AD2 ST: (if-global-variable
'notify-user-on-password-dist-failure' equal "true") = TRUE.
16:05:33 98EFDBA0 Drvrs: AD2 ST: (if-operation equal "status") =
FALSE.
16:05:33 98EFDBA0 Drvrs: AD2 ST: Rule rejected.
16:05:33 98EFDBA0 Drvrs: AD2 ST:Policy returned:
16:05:33 98EFDBA0 Drvrs: AD2 ST:
<nds dtdversion="3.5" ndsversion="8.x">
<source>
<product version="3.6.0.4294">DirXML</product>
<contact>Novell, Inc.</contact>
</source>
<input>
<add class-name="user" dest-dn="CN=test
person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au"
event-id="N-IDM-GM#20100511060533#5#2"
qualified-src-dn="O=msb\OU=2016\CN=testperson2"
src-dn="\MSB\msb\2016\testperson2" src-entry-id="42890">
<add-attr attr-name="description">
<value timestamp="1273557933#3" type="string">Graduating Class of
2016</value>
</add-attr>
<add-attr attr-name="displayName">
<value timestamp="1273557933#14" type="string">test person2</value>
</add-attr>
<add-attr attr-name="givenName">
<value timestamp="1273557933#8" type="string">test</value>
</add-attr>
<add-attr attr-name="sn">
<value timestamp="1273557933#15" type="string">person2</value>
</add-attr>
<add-attr attr-name="sAMAccountName">
<value type="string">testperson2</value>
</add-attr>
<add-attr attr-name="dirxml-uACAccountDisable">
<value type="string">false</value>
</add-attr>
<password><!-- content suppressed --></password>
<operation-data unmatched-src-dn="CN=testperson2,OU=2016">
<password-subscribe-status>
<association/>
</password-subscribe-status>
</operation-data>
</add>
</input>
</nds>
16:05:33 98EFDBA0 Drvrs: AD2 ST:Submitting document to subscriber
shim:
16:05:33 98EFDBA0 Drvrs: AD2 ST:
<nds dtdversion="3.5" ndsversion="8.x">
<source>


-- 
Magteq
------------------------------------------------------------------------
Magteq's Profile: http://forums.novell.com/member.php?userid=6475
View this thread: http://forums.novell.com/showthread.php?t=410160

0
Magteq
5/11/2010 6:16:02 AM
here is part2 Part 3 to follow

Thanks again

Magteq

<product version="3.6.0.4294">DirXML</product>
<contact>Novell, Inc.</contact>
</source>
<input>
<add class-name="user" dest-dn="CN=test
person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au"
event-id="N-IDM-GM#20100511060533#5#2"
qualified-src-dn="O=msb\OU=2016\CN=testperson2"
src-dn="\MSB\msb\2016\testperson2" src-entry-id="42890">
<add-attr attr-name="description">
<value timestamp="1273557933#3" type="string">Graduating Class of
2016</value>
</add-attr>
<add-attr attr-name="displayName">
<value timestamp="1273557933#14" type="string">test person2</value>
</add-attr>
<add-attr attr-name="givenName">
<value timestamp="1273557933#8" type="string">test</value>
</add-attr>
<add-attr attr-name="sn">
<value timestamp="1273557933#15" type="string">person2</value>
</add-attr>
<add-attr attr-name="sAMAccountName">
<value type="string">testperson2</value>
</add-attr>
<add-attr attr-name="dirxml-uACAccountDisable">
<value type="string">false</value>
</add-attr>
<password><!-- content suppressed --></password>
<operation-data unmatched-src-dn="CN=testperson2,OU=2016">
<password-subscribe-status>
<association/>
</password-subscribe-status>
</operation-data>
</add>
</input>
</nds>
16:05:33 98EFDBA0 Drvrs: AD2 ST:Password synchronization command
detected.
16:05:33 98EFDBA0 Drvrs: AD2 ST:Stripping operation data from input
document
16:05:33 98EFDBA0 Drvrs: AD2 ST:Remote Interface Driver: Sending...
16:05:33 98EFDBA0 Drvrs: AD2 ST:
<nds dtdversion="3.5" ndsversion="8.x">
<source>
<product version="3.6.0.4294">DirXML</product>
<contact>Novell, Inc.</contact>
</source>
<input>
<add class-name="user" dest-dn="CN=test
person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au"
event-id="N-IDM-GM#20100511060533#5#2"
qualified-src-dn="O=msb\OU=2016\CN=testperson2"
src-dn="\MSB\msb\2016\testperson2" src-entry-id="42890">
<add-attr attr-name="description">
<value timestamp="1273557933#3" type="string">Graduating Class of
2016</value>
</add-attr>
<add-attr attr-name="displayName">
<value timestamp="1273557933#14" type="string">test person2</value>
</add-attr>
<add-attr attr-name="givenName">
<value timestamp="1273557933#8" type="string">test</value>
</add-attr>
<add-attr attr-name="sn">
<value timestamp="1273557933#15" type="string">person2</value>
</add-attr>
<add-attr attr-name="sAMAccountName">
<value type="string">testperson2</value>
</add-attr>
<add-attr attr-name="dirxml-uACAccountDisable">
<value type="string">false</value>
</add-attr>
<password><!-- content suppressed --></password>
</add>
</input>
</nds>
16:05:33 98EFDBA0 Drvrs: AD2 ST:Remote Interface Driver: Document
sent.
16:05:34 98E5BBA0 Drvrs: AD2 :Remote Interface Driver: Received.
16:05:34 98E5BBA0 Drvrs: AD2 :
<nds dtdversion="1.1" ndsversion="8.7">
<source>
<product asn1id="" build="20090313_120000"
instance="\MSB\msb\MSB_Driverset\AD2" version="3.5.5">AD</product>
<contact>Novell, Inc.</contact>
</source>
<output>
<add-association dest-dn="\MSB\msb\2016\testperson2"
dest-entry-id="42890"
event-id="N-IDM-GM#20100511060533#5#2">b90eecdfbfeaf24eb7caf93e82dd010d</add-association>
<status event-id="N-IDM-GM#20100511060533#5#2" level="success"/>
</output>
</nds>
16:05:34 98E5BBA0 Drvrs: AD2 :Remote Interface Driver: Received
document for subscriber channel
16:05:34 98E5BBA0 Drvrs: AD2 :Remote Interface Driver: Waiting for
receive...
16:05:34 98EFDBA0 Drvrs: AD2 ST:Password synchronization command status
detected.
16:05:34 98EFDBA0 Drvrs: AD2 ST:Restoring operation data to output
document
16:05:34 98EFDBA0 Drvrs: AD2 ST:SubscriptionShim.execute() returned:
16:05:34 98EFDBA0 Drvrs: AD2 ST:
<nds dtdversion="1.1" ndsversion="8.7">
<source>
<product asn1id="" build="20090313_120000"
instance="\MSB\msb\MSB_Driverset\AD2" version="3.5.5">AD</product>
<contact>Novell, Inc.</contact>
</source>
<output>
<add-association dest-dn="\MSB\msb\2016\testperson2"
dest-entry-id="42890"
event-id="N-IDM-GM#20100511060533#5#2">b90eecdfbfeaf24eb7caf93e82dd010d<operation-data
unmatched-src-dn="CN=testperson2,OU=2016">
<password-subscribe-status>
<association/>
</password-subscribe-status>
</operation-data>
</add-association>
<status event-id="N-IDM-GM#20100511060533#5#2" level="success">
<operation-data unmatched-src-dn="CN=testperson2,OU=2016">
<password-subscribe-status>
<association/>
</password-subscribe-status>
</operation-data>
</status>
</output>
</nds>


-- 
Magteq
------------------------------------------------------------------------
Magteq's Profile: http://forums.novell.com/member.php?userid=6475
View this thread: http://forums.novell.com/showthread.php?t=410160

0
Magteq
5/11/2010 6:26:01 AM
Part 3


16:05:34 98EFDBA0 Drvrs: AD2 ST:Applying input transformation
policies.
16:05:34 98EFDBA0 Drvrs: AD2 ST:Applying policy: InputTransform.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Applying to add-association #1.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Evaluating selection criteria for rule
'streetAddress: Convert CR-LF to LF'.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Rule selected.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Applying rule 'streetAddress: Convert
CR-LF to LF'.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Action:
do-reformat-op-attr("streetAddress",token-replace-all("\r\n","\r",token-local-variable("current-value"))).
16:05:34 98EFDBA0 Drvrs: AD2 ST: Evaluating selection criteria for rule
'logonHours: Convert to Login Allowed Time Map form'.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Rule selected.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Applying rule 'logonHours: Convert to
Login Allowed Time Map form'.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Action:
do-reformat-op-attr("logonHours",token-xpath("jadutil:translateTimeMap2eDir($current-value)")).
16:05:34 98EFDBA0 Drvrs: AD2 ST: Evaluating selection criteria for rule
'accountExpires: Convert to Identity Vault time format'.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Rule selected.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Applying rule 'accountExpires: Convert
to Identity Vault time format'.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Action:
do-reformat-op-attr("accountExpires",token-xpath("jadutil:translateFileTime2Epoch($current-value)")).
16:05:34 98EFDBA0 Drvrs: AD2 ST: Evaluating selection criteria for rule
'lockoutTime: Convert to Identity Vault time format'.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Rule selected.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Applying rule 'lockoutTime: Convert to
Identity Vault time format'.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Action:
do-reformat-op-attr("lockoutTime",token-xpath("jadutil:translateFileTime2Epoch($current-value)")).
16:05:34 98EFDBA0 Drvrs: AD2 ST: Applying to status #2.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Evaluating selection criteria for rule
'streetAddress: Convert CR-LF to LF'.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Rule selected.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Applying rule 'streetAddress: Convert
CR-LF to LF'.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Action:
do-reformat-op-attr("streetAddress",token-replace-all("\r\n","\r",token-local-variable("current-value"))).
16:05:34 98EFDBA0 Drvrs: AD2 ST: Evaluating selection criteria for rule
'logonHours: Convert to Login Allowed Time Map form'.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Rule selected.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Applying rule 'logonHours: Convert to
Login Allowed Time Map form'.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Action:
do-reformat-op-attr("logonHours",token-xpath("jadutil:translateTimeMap2eDir($current-value)")).
16:05:34 98EFDBA0 Drvrs: AD2 ST: Evaluating selection criteria for rule
'accountExpires: Convert to Identity Vault time format'.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Rule selected.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Applying rule 'accountExpires: Convert
to Identity Vault time format'.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Action:
do-reformat-op-attr("accountExpires",token-xpath("jadutil:translateFileTime2Epoch($current-value)")).
16:05:34 98EFDBA0 Drvrs: AD2 ST: Evaluating selection criteria for rule
'lockoutTime: Convert to Identity Vault time format'.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Rule selected.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Applying rule 'lockoutTime: Convert to
Identity Vault time format'.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Action:
do-reformat-op-attr("lockoutTime",token-xpath("jadutil:translateFileTime2Epoch($current-value)")).
16:05:34 98EFDBA0 Drvrs: AD2 ST:Policy returned:
16:05:34 98EFDBA0 Drvrs: AD2 ST:
<nds dtdversion="1.1" ndsversion="8.7">
<source>
<product asn1id="" build="20090313_120000"
instance="\MSB\msb\MSB_Driverset\AD2" version="3.5.5">AD</product>
<contact>Novell, Inc.</contact>
</source>
<output>
<add-association dest-dn="\MSB\msb\2016\testperson2"
dest-entry-id="42890"
event-id="N-IDM-GM#20100511060533#5#2">b90eecdfbfeaf24eb7caf93e82dd010d<operation-data
unmatched-src-dn="CN=testperson2,OU=2016">
<password-subscribe-status>
<association/>
</password-subscribe-status>
</operation-data>
</add-association>
<status event-id="N-IDM-GM#20100511060533#5#2" level="success">
<operation-data unmatched-src-dn="CN=testperson2,OU=2016">
<password-subscribe-status>
<association/>
</password-subscribe-status>
</operation-data>
</status>
</output>
</nds>
16:05:34 98EFDBA0 Drvrs: AD2 ST:Applying policy: Password(Pub)-Sub
Email Notifications.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Applying to add-association #1.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Evaluating selection criteria for rule
'Send e-mail on a failure when subscribing to passwords'.
16:05:34 98EFDBA0 Drvrs: AD2 ST: (if-global-variable
'notify-user-on-password-dist-failure' equal "true") = TRUE.
16:05:34 98EFDBA0 Drvrs: AD2 ST: (if-operation equal "status") =
FALSE.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Rule rejected.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Evaluating selection criteria for rule
'Send e-mail on failure to reset connected system password using the
Identity Manager data store password'.
16:05:34 98EFDBA0 Drvrs: AD2 ST: (if-global-variable
'notify-user-on-password-dist-failure' equal "true") = TRUE.
16:05:34 98EFDBA0 Drvrs: AD2 ST: (if-operation equal "status") =
FALSE.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Rule rejected.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Applying to status #2.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Evaluating selection criteria for rule
'Send e-mail on a failure when subscribing to passwords'.
16:05:34 98EFDBA0 Drvrs: AD2 ST: (if-global-variable
'notify-user-on-password-dist-failure' equal "true") = TRUE.
16:05:34 98EFDBA0 Drvrs: AD2 ST: (if-operation equal "status") = TRUE.
16:05:34 98EFDBA0 Drvrs: AD2 ST: (if-xpath true "self::status[@level !=
'success'][text() !=
'']/operation-data/password-subscribe-status/association[text() != '']")
= FALSE.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Rule rejected.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Evaluating selection criteria for rule
'Send e-mail on failure to reset connected system password using the
Identity Manager data store password'.
16:05:34 98EFDBA0 Drvrs: AD2 ST: (if-global-variable
'notify-user-on-password-dist-failure' equal "true") = TRUE.
16:05:34 98EFDBA0 Drvrs: AD2 ST: (if-operation equal "status") = TRUE.
16:05:34 98EFDBA0 Drvrs: AD2 ST: (if-xpath true "self::status[@level !=
'success']/operation-data/password-reset-status") = FALSE.
16:05:34 98EFDBA0 Drvrs: AD2 ST: Rule rejected.
16:05:34 98EFDBA0 Drvrs: AD2 ST:Policy returned:
16:05:34 98EFDBA0 Drvrs: AD2 ST:
<nds dtdversion="1.1" ndsversion="8.7">
<source>
<product asn1id="" build="20090313_120000"
instance="\MSB\msb\MSB_Driverset\AD2" version="3.5.5">AD</product>
<contact>Novell, Inc.</contact>
</source>
<output>
<add-association dest-dn="\MSB\msb\2016\testperson2"
dest-entry-id="42890"
event-id="N-IDM-GM#20100511060533#5#2">b90eecdfbfeaf24eb7caf93e82dd010d<operation-data
unmatched-src-dn="CN=testperson2,OU=2016">
<password-subscribe-status>
<association/>
</password-subscribe-status>
</operation-data>
</add-association>
<status event-id="N-IDM-GM#20100511060533#5#2" level="success">
<operation-data unmatched-src-dn="CN=testperson2,OU=2016">
<password-subscribe-status>
<association/>
</password-subscribe-status>
</operation-data>
</status>
</output>
</nds>
16:05:34 98EFDBA0 Drvrs: AD2 ST:Applying schema mapping policies to
input.
16:05:34 98EFDBA0 Drvrs: AD2 ST:Applying policy: SchemaMapping.
16:05:34 98EFDBA0 Drvrs: AD2 ST:Resolving association references.
16:05:34 98EFDBA0 Drvrs: AD2 ST:Processing returned document.
16:05:34 98EFDBA0 Drvrs: AD2 ST:Processing operation <add-association>
for \MSB\msb\2016\testperson2.
16:05:34 98EFDBA0 Drvrs: AD2 ST:Processing operation <status> for .
16:05:34 98EFDBA0 Drvrs: AD2 ST:
DirXML Log Event -------------------
Driver: \MSB\msb\MSB_Driverset\AD2
Channel: Subscriber
Object: \MSB\msb\2016\testperson2
Status: Success
16:05:34 98EFDBA0 Drvrs: AD2 ST:Password synchronization event status
recorded.
16:05:34 98EFDBA0 Drvrs: AD2 ST:End transaction.


-- 
Magteq
------------------------------------------------------------------------
Magteq's Profile: http://forums.novell.com/member.php?userid=6475
View this thread: http://forums.novell.com/showthread.php?t=410160

0
Magteq
5/11/2010 6:26:01 AM
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Post the Remote Loader trace from this same time period.  It looks like
all is well.  How are you verifying that the user is NOT showing up in MAD?

Good luck.





On 05/11/2010 12:26 AM, Magteq wrote:
> 
> Part 3
> 
> 
> 16:05:34 98EFDBA0 Drvrs: AD2 ST:Applying input transformation
> policies.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST:Applying policy: InputTransform.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Applying to add-association #1.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Evaluating selection criteria for rule
> 'streetAddress: Convert CR-LF to LF'.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Rule selected.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Applying rule 'streetAddress: Convert
> CR-LF to LF'.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Action:
> do-reformat-op-attr("streetAddress",token-replace-all("\r\n","\r",token-local-variable("current-value"))).
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Evaluating selection criteria for rule
> 'logonHours: Convert to Login Allowed Time Map form'.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Rule selected.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Applying rule 'logonHours: Convert to
> Login Allowed Time Map form'.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Action:
> do-reformat-op-attr("logonHours",token-xpath("jadutil:translateTimeMap2eDir($current-value)")).
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Evaluating selection criteria for rule
> 'accountExpires: Convert to Identity Vault time format'.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Rule selected.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Applying rule 'accountExpires: Convert
> to Identity Vault time format'.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Action:
> do-reformat-op-attr("accountExpires",token-xpath("jadutil:translateFileTime2Epoch($current-value)")).
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Evaluating selection criteria for rule
> 'lockoutTime: Convert to Identity Vault time format'.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Rule selected.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Applying rule 'lockoutTime: Convert to
> Identity Vault time format'.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Action:
> do-reformat-op-attr("lockoutTime",token-xpath("jadutil:translateFileTime2Epoch($current-value)")).
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Applying to status #2.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Evaluating selection criteria for rule
> 'streetAddress: Convert CR-LF to LF'.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Rule selected.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Applying rule 'streetAddress: Convert
> CR-LF to LF'.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Action:
> do-reformat-op-attr("streetAddress",token-replace-all("\r\n","\r",token-local-variable("current-value"))).
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Evaluating selection criteria for rule
> 'logonHours: Convert to Login Allowed Time Map form'.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Rule selected.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Applying rule 'logonHours: Convert to
> Login Allowed Time Map form'.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Action:
> do-reformat-op-attr("logonHours",token-xpath("jadutil:translateTimeMap2eDir($current-value)")).
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Evaluating selection criteria for rule
> 'accountExpires: Convert to Identity Vault time format'.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Rule selected.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Applying rule 'accountExpires: Convert
> to Identity Vault time format'.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Action:
> do-reformat-op-attr("accountExpires",token-xpath("jadutil:translateFileTime2Epoch($current-value)")).
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Evaluating selection criteria for rule
> 'lockoutTime: Convert to Identity Vault time format'.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Rule selected.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Applying rule 'lockoutTime: Convert to
> Identity Vault time format'.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Action:
> do-reformat-op-attr("lockoutTime",token-xpath("jadutil:translateFileTime2Epoch($current-value)")).
> 16:05:34 98EFDBA0 Drvrs: AD2 ST:Policy returned:
> 16:05:34 98EFDBA0 Drvrs: AD2 ST:
> <nds dtdversion="1.1" ndsversion="8.7">
> <source>
> <product asn1id="" build="20090313_120000"
> instance="\MSB\msb\MSB_Driverset\AD2" version="3.5.5">AD</product>
> <contact>Novell, Inc.</contact>
> </source>
> <output>
> <add-association dest-dn="\MSB\msb\2016\testperson2"
> dest-entry-id="42890"
> event-id="N-IDM-GM#20100511060533#5#2">b90eecdfbfeaf24eb7caf93e82dd010d<operation-data
> unmatched-src-dn="CN=testperson2,OU=2016">
> <password-subscribe-status>
> <association/>
> </password-subscribe-status>
> </operation-data>
> </add-association>
> <status event-id="N-IDM-GM#20100511060533#5#2" level="success">
> <operation-data unmatched-src-dn="CN=testperson2,OU=2016">
> <password-subscribe-status>
> <association/>
> </password-subscribe-status>
> </operation-data>
> </status>
> </output>
> </nds>
> 16:05:34 98EFDBA0 Drvrs: AD2 ST:Applying policy: Password(Pub)-Sub
> Email Notifications.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Applying to add-association #1.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Evaluating selection criteria for rule
> 'Send e-mail on a failure when subscribing to passwords'.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: (if-global-variable
> 'notify-user-on-password-dist-failure' equal "true") = TRUE.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: (if-operation equal "status") =
> FALSE.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Rule rejected.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Evaluating selection criteria for rule
> 'Send e-mail on failure to reset connected system password using the
> Identity Manager data store password'.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: (if-global-variable
> 'notify-user-on-password-dist-failure' equal "true") = TRUE.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: (if-operation equal "status") =
> FALSE.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Rule rejected.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Applying to status #2.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Evaluating selection criteria for rule
> 'Send e-mail on a failure when subscribing to passwords'.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: (if-global-variable
> 'notify-user-on-password-dist-failure' equal "true") = TRUE.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: (if-operation equal "status") = TRUE.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: (if-xpath true "self::status[@level !=
> 'success'][text() !=
> '']/operation-data/password-subscribe-status/association[text() != '']")
> = FALSE.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Rule rejected.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Evaluating selection criteria for rule
> 'Send e-mail on failure to reset connected system password using the
> Identity Manager data store password'.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: (if-global-variable
> 'notify-user-on-password-dist-failure' equal "true") = TRUE.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: (if-operation equal "status") = TRUE.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: (if-xpath true "self::status[@level !=
> 'success']/operation-data/password-reset-status") = FALSE.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST: Rule rejected.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST:Policy returned:
> 16:05:34 98EFDBA0 Drvrs: AD2 ST:
> <nds dtdversion="1.1" ndsversion="8.7">
> <source>
> <product asn1id="" build="20090313_120000"
> instance="\MSB\msb\MSB_Driverset\AD2" version="3.5.5">AD</product>
> <contact>Novell, Inc.</contact>
> </source>
> <output>
> <add-association dest-dn="\MSB\msb\2016\testperson2"
> dest-entry-id="42890"
> event-id="N-IDM-GM#20100511060533#5#2">b90eecdfbfeaf24eb7caf93e82dd010d<operation-data
> unmatched-src-dn="CN=testperson2,OU=2016">
> <password-subscribe-status>
> <association/>
> </password-subscribe-status>
> </operation-data>
> </add-association>
> <status event-id="N-IDM-GM#20100511060533#5#2" level="success">
> <operation-data unmatched-src-dn="CN=testperson2,OU=2016">
> <password-subscribe-status>
> <association/>
> </password-subscribe-status>
> </operation-data>
> </status>
> </output>
> </nds>
> 16:05:34 98EFDBA0 Drvrs: AD2 ST:Applying schema mapping policies to
> input.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST:Applying policy: SchemaMapping.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST:Resolving association references.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST:Processing returned document.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST:Processing operation <add-association>
> for \MSB\msb\2016\testperson2.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST:Processing operation <status> for .
> 16:05:34 98EFDBA0 Drvrs: AD2 ST:
> DirXML Log Event -------------------
> Driver: \MSB\msb\MSB_Driverset\AD2
> Channel: Subscriber
> Object: \MSB\msb\2016\testperson2
> Status: Success
> 16:05:34 98EFDBA0 Drvrs: AD2 ST:Password synchronization event status
> recorded.
> 16:05:34 98EFDBA0 Drvrs: AD2 ST:End transaction.
> 
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJL6PkwAAoJEF+XTK08PnB5SNwP/RZ4wjnbEqc7W8LkPClKMLIb
cEWrooJbGmmfZxo4BqPoL9q7xKE6eI6E1KH2dQelosxSDZ/YPNojKlI766I3Ba86
/mUb8fAT+JfY5ug5J01NUihYhU464vJkV0SJ5mymRYPhOgaIX/mry+bWAFCy1Hcj
6OolOj9mVK/txbHSzTfD48CSb82mQHxujw0u6XMWhAkuvEVmJc4iL9kuU8EylvaE
vLvBENqZ4/8x20f20/EHSE65wCdLlEBg/rPnxUhOKcreLqrVqWTp6/Gy4qdZ9CHy
D9qvzKCAOc128MUGvFNjfnzP/rcZ11kgzRuTO3ELnkr2v9+rOQJpaDFbIr3z29ce
WlVPqtMnWybwjuuj1ThcNsBMfOPZoKTnnbsQR7JRCEkybpAdDLZQ6V+xKorWaHoq
9b7LAvCe/yqaGTYyBnjwOE+rzM3ngBfPz/ECNe7SlKisAMLRWm5v55OFzmjgc07z
eeOlzMkQ0ZPvyYWE2l5t75jybGpfFQ2iJJipXj/skGknVgDPMOS5FCheg7WC9bD9
cYszfkmcK3St3H2MwDDjmxrfmJ/Lhf1h0J1UZArwcRPA6vzFl1OkCAxkpOfHL0uu
fOsnr2oYMwC8BcumcyntXSoGGrc+4GGR6Vo7/h/F8huUWPq3Plvkmp+ddTyUjqBy
xcGMSnfQmK6JfEom4IU/
=G+AS
-----END PGP SIGNATURE-----
0
ab
5/11/2010 6:29:37 AM
On Tue, 11 May 2010 01:56:02 +0000, Magteq wrote:

> I have a really weird problem here. My AD driver is setup to do a mirror
> sync of Edirectory one way. All changes to existing objects (passwords
> etc) are syncing perfectly but when a new user is created they never
> appear in AD.

"Never" as in you look and they're not there. Or "never" as in even if 
you wait a few minutes, then look, they're not there?

With MAD, the create happens on one DC, and there is a slight delay as it 
replicates to the other DCs in the domain. If your create happens on DC1, 
and you look immediately on DC2, it's quite possible that you won't see 
the newly created object. In testing here, we see about a 5 minute delay 
before all DCs agree that a newly created object actually exists.


-- 
---------------------------------------------------------------------------
 David Gersic                                            dgersic_@_niu.edu
 Novell Knowledge Partner                         http://forums.novell.com

 Please post questions in the newsgroups.   No support provided via email.

0
David
5/11/2010 6:29:50 PM
David Gersic wrote:
> On Tue, 11 May 2010 01:56:02 +0000, Magteq wrote:
> 
>> I have a really weird problem here. My AD driver is setup to do a mirror
>> sync of Edirectory one way. All changes to existing objects (passwords
>> etc) are syncing perfectly but when a new user is created they never
>> appear in AD.
> 
> "Never" as in you look and they're not there. Or "never" as in even if 
> you wait a few minutes, then look, they're not there?
> 
> With MAD, the create happens on one DC, and there is a slight delay as it 
> replicates to the other DCs in the domain. If your create happens on DC1, 
> and you look immediately on DC2, it's quite possible that you won't see 
> the newly created object. In testing here, we see about a 5 minute delay 
> before all DCs agree that a newly created object actually exists.

And then there is a maddening behavior of the MMC snapin, dsa.msc for 
the AD Users and Computers, where you have to click refresh for it to 
reread the data.  So if you do not refresh, you do not see new creates 
till you close and reopen the MMC.
0
Geoffrey
5/11/2010 6:34:50 PM
Hi All 
Thanks for your replies. I have been looking in AD Users and computers
for the users and closing it down and restarting it and after 12 hours
the test user in the trace has still not appeared. I loaded ADSI Edit to
see if they were there thinking they may be missing mandatory attributes
to be listed in AD Users and computers but no trace of them. 

As you requested here is the Remote loader trace Sorry it is in a few
parts again. 

Thanks once again for your help

Magteq

<product version="3.6.0.4294">DirXML</product>
		<contact>Novell, Inc.</contact>
	</source>
	<input>
		<query class-name="user" dest-dn="DC=msb,DC=nsw,DC=edu,DC=au"
event-id="0" scope="subtree">
			<search-class class-name="user"/>
			<search-attr attr-name="sAMAccountName">
				<value type="string">testperson2</value>
			</search-attr>
			<read-attr/>
		</query>
	</input>
</nds>
DirXML: [05/11/10 16:05:12.80]: ADDriver: parse command

className    user
destDN       DC=msb,DC=nsw,DC=edu,DC=au
eventId      0
association  
DirXML: [05/11/10 16:05:12.80]: ADDriver: query
DirXML: [05/11/10 16:05:12.80]: ADDriver: query constraints
DirXML: [05/11/10 16:05:12.80]: ADDriver:    search-class user
DirXML: [05/11/10 16:05:12.80]: ADDriver:   search-attr sAMAccountName
DirXML: [05/11/10 16:05:12.80]: ADDriver:     testperson2
DirXML: [05/11/10 16:05:12.80]: ADDriver:    read-attr (do not return
attributes)
DirXML: [05/11/10 16:05:12.80]: ADDriver: query
base DN: DC=msb,DC=nsw,DC=edu,DC=au,
filter:
(&(&(objectCategory=CN=Person,CN=Schema,CN=Configuration,DC=msb,DC=nsw,DC=edu,DC=au)(objectClass=user))(sAMAccountName=testperson2)),
return: (attribute values) objectClass, objectGUID, 
DirXML: [05/11/10 16:05:12.80]: ADDriver: query
base DN: DC=msb,DC=nsw,DC=edu,DC=au,
filter:
(&(&(objectCategory=CN=Person,CN=Schema,CN=Configuration,DC=msb,DC=nsw,DC=edu,DC=au)(objectClass=user))(sAMAccountName=testperson2)),
return: (attribute values) objectClass, objectGUID, 
DirXML: [05/11/10 16:05:12.80]: ADDriver: ldap get next page (
2147483647)
DirXML: [05/11/10 16:05:12.87]: Loader: subscriptionShim->execute()
returned:
DirXML: [05/11/10 16:05:12.87]: Loader: XML Document:
DirXML: [05/11/10 16:05:12.87]: <nds ndsversion="8.7"
dtdversion="1.1">
	<source>
		<product version="3.5.5" asn1id="" build="20090313_120000"
instance="\MSB\msb\MSB_Driverset\AD2">AD</product>
		<contact>Novell, Inc.</contact>
	</source>
	<output>
		<status level="success" event-id="0"/>
	</output>
</nds>
DirXML: [05/11/10 16:05:12.87]: 
DirXML Log Event -------------------
Driver  = \MSB\msb\MSB_Driverset\AD2
Thread  = Subscriber Channel
Level   = success
DirXML: [05/11/10 16:05:12.89]: Loader: Received 'subscriber execute'
document
DirXML: [05/11/10 16:05:12.89]: Loader: XML Document:
DirXML: [05/11/10 16:05:12.89]: <nds dtdversion="3.5"
ndsversion="8.x">
	<source>
		<product version="3.6.0.4294">DirXML</product>
		<contact>Novell, Inc.</contact>
	</source>
	<input>
		<query class-name="user" dest-dn="CN=test
person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au" event-id="0" scope="entry">
			<search-class class-name="user"/>
			<read-attr/>
		</query>
	</input>
</nds>
DirXML: [05/11/10 16:05:12.89]: Loader: Calling
subscriptionShim->execute()
DirXML: [05/11/10 16:05:12.89]: Loader: XML Document:
DirXML: [05/11/10 16:05:12.89]: <nds dtdversion="3.5"
ndsversion="8.x">
	<source>
		<product version="3.6.0.4294">DirXML</product>
		<contact>Novell, Inc.</contact>
	</source>
	<input>
		<query class-name="user" dest-dn="CN=test
person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au" event-id="0" scope="entry">
			<search-class class-name="user"/>
			<read-attr/>
		</query>
	</input>
</nds>
DirXML: [05/11/10 16:05:12.89]: ADDriver: parse command

className    user
destDN       CN=test person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au
eventId      0
association  
DirXML: [05/11/10 16:05:12.89]: ADDriver: query
DirXML: [05/11/10 16:05:12.89]: ADDriver: query constraints
DirXML: [05/11/10 16:05:12.89]: ADDriver:    search-class user
DirXML: [05/11/10 16:05:12.89]: ADDriver:    read-attr (do not return
attributes)
DirXML: [05/11/10 16:05:12.89]: ADDriver: query
base DN: CN=test person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au,
filter:
(&(objectCategory=CN=Person,CN=Schema,CN=Configuration,DC=msb,DC=nsw,DC=edu,DC=au)(objectClass=user)),
return: (attribute values) objectClass, objectGUID, 
DirXML: [05/11/10 16:05:12.89]: ADDriver: query
base DN: CN=test person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au,
filter:
(&(objectCategory=CN=Person,CN=Schema,CN=Configuration,DC=msb,DC=nsw,DC=edu,DC=au)(objectClass=user)),
return: (attribute values) objectClass, objectGUID, 
DirXML: [05/11/10 16:05:12.89]: ADDriver: ldap get next page (
2147483647)
DirXML: [05/11/10 16:05:12.89]: Loader: subscriptionShim->execute()
returned:
DirXML: [05/11/10 16:05:12.89]: Loader: XML Document:
DirXML: [05/11/10 16:05:12.89]: <nds ndsversion="8.7"
dtdversion="1.1">
	<source>
		<product version="3.5.5" asn1id="" build="20090313_120000"
instance="\MSB\msb\MSB_Driverset\AD2">AD</product>
		<contact>Novell, Inc.</contact>
	</source>
	<output>
		<status level="success" event-id="0"/>
	</output>
</nds>
DirXML: [05/11/10 16:05:12.89]: 
DirXML Log Event -------------------
Driver  = \MSB\msb\MSB_Driverset\AD2
Thread  = Subscriber Channel
Level   = success
DirXML: [05/11/10 16:05:13.02]: Loader: Received 'subscriber execute'
document
DirXML: [05/11/10 16:05:13.02]: Loader: XML Document:
DirXML: [05/11/10 16:05:13.02]: <nds dtdversion="3.5"
ndsversion="8.x">
	<source>
		<product version="3.6.0.4294">DirXML</product>
		<contact>Novell, Inc.</contact>
	</source>
	<input>
		<query class-name="user" dest-dn="DC=msb,DC=nsw,DC=edu,DC=au"
event-id="0" scope="subtree">
			<search-class class-name="user"/>
			<search-attr attr-name="sAMAccountName">
				<value type="string">testperson2</value>
			</search-attr>
			<read-attr/>
		</query>
	</input>
</nds>
DirXML: [05/11/10 16:05:13.02]: Loader: Calling
subscriptionShim->execute()
DirXML: [05/11/10 16:05:13.02]: Loader: XML Document:
DirXML: [05/11/10 16:05:13.02]: <nds dtdversion="3.5"
ndsversion="8.x">
	<source>
		<product version="3.6.0.4294">DirXML</product>
		<contact>Novell, Inc.</contact>
	</source>
	<input>
		<query class-name="user" dest-dn="DC=msb,DC=nsw,DC=edu,DC=au"
event-id="0" scope="subtree">
			<search-class class-name="user"/>
			<search-attr attr-name="sAMAccountName">
				<value type="string">testperson2</value>
			</search-attr>
			<read-attr/>
		</query>
	</input>
</nds>


-- 
Magteq
------------------------------------------------------------------------
Magteq's Profile: http://forums.novell.com/member.php?userid=6475
View this thread: http://forums.novell.com/showthread.php?t=410160

0
Magteq
5/12/2010 12:56:01 AM
Part 2



DirXML: [05/11/10 16:05:13.02]: ADDriver: parse command

className    user
destDN       DC=msb,DC=nsw,DC=edu,DC=au
eventId      0
association  
DirXML: [05/11/10 16:05:13.02]: ADDriver: query
DirXML: [05/11/10 16:05:13.02]: ADDriver: query constraints
DirXML: [05/11/10 16:05:13.02]: ADDriver:    search-class user
DirXML: [05/11/10 16:05:13.02]: ADDriver:   search-attr sAMAccountName
DirXML: [05/11/10 16:05:13.02]: ADDriver:     testperson2
DirXML: [05/11/10 16:05:13.02]: ADDriver:    read-attr (do not return
attributes)
DirXML: [05/11/10 16:05:13.02]: ADDriver: query
base DN: DC=msb,DC=nsw,DC=edu,DC=au,
filter:
(&(&(objectCategory=CN=Person,CN=Schema,CN=Configuration,DC=msb,DC=nsw,DC=edu,DC=au)(objectClass=user))(sAMAccountName=testperson2)),
return: (attribute values) objectClass, objectGUID, 
DirXML: [05/11/10 16:05:13.02]: ADDriver: query
base DN: DC=msb,DC=nsw,DC=edu,DC=au,
filter:
(&(&(objectCategory=CN=Person,CN=Schema,CN=Configuration,DC=msb,DC=nsw,DC=edu,DC=au)(objectClass=user))(sAMAccountName=testperson2)),
return: (attribute values) objectClass, objectGUID, 
DirXML: [05/11/10 16:05:13.02]: ADDriver: ldap get next page (
2147483647)
DirXML: [05/11/10 16:05:13.02]: Loader: subscriptionShim->execute()
returned:
DirXML: [05/11/10 16:05:13.02]: Loader: XML Document:
DirXML: [05/11/10 16:05:13.02]: <nds ndsversion="8.7"
dtdversion="1.1">
	<source>
		<product version="3.5.5" asn1id="" build="20090313_120000"
instance="\MSB\msb\MSB_Driverset\AD2">AD</product>
		<contact>Novell, Inc.</contact>
	</source>
	<output>
		<status level="success" event-id="0"/>
	</output>
</nds>
DirXML: [05/11/10 16:05:13.02]: 
DirXML Log Event -------------------
Driver  = \MSB\msb\MSB_Driverset\AD2
Thread  = Subscriber Channel
Level   = success
DirXML: [05/11/10 16:05:13.03]: Loader: Received 'subscriber execute'
document
DirXML: [05/11/10 16:05:13.03]: Loader: XML Document:
DirXML: [05/11/10 16:05:13.03]: <nds dtdversion="3.5"
ndsversion="8.x">
	<source>
		<product version="3.6.0.4294">DirXML</product>
		<contact>Novell, Inc.</contact>
	</source>
	<input>
		<query class-name="user" dest-dn="CN=test
person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au" event-id="0" scope="entry">
			<search-class class-name="user"/>
			<read-attr/>
		</query>
	</input>
</nds>
DirXML: [05/11/10 16:05:13.03]: Loader: Calling
subscriptionShim->execute()
DirXML: [05/11/10 16:05:13.03]: Loader: XML Document:
DirXML: [05/11/10 16:05:13.03]: <nds dtdversion="3.5"
ndsversion="8.x">
	<source>
		<product version="3.6.0.4294">DirXML</product>
		<contact>Novell, Inc.</contact>
	</source>
	<input>
		<query class-name="user" dest-dn="CN=test
person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au" event-id="0" scope="entry">
			<search-class class-name="user"/>
			<read-attr/>
		</query>
	</input>
</nds>
DirXML: [05/11/10 16:05:13.03]: ADDriver: parse command

className    user
destDN       CN=test person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au
eventId      0
association  
DirXML: [05/11/10 16:05:13.03]: ADDriver: query
DirXML: [05/11/10 16:05:13.03]: ADDriver: query constraints
DirXML: [05/11/10 16:05:13.03]: ADDriver:    search-class user
DirXML: [05/11/10 16:05:13.03]: ADDriver:    read-attr (do not return
attributes)
DirXML: [05/11/10 16:05:13.03]: ADDriver: query
base DN: CN=test person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au,
filter:
(&(objectCategory=CN=Person,CN=Schema,CN=Configuration,DC=msb,DC=nsw,DC=edu,DC=au)(objectClass=user)),
return: (attribute values) objectClass, objectGUID, 
DirXML: [05/11/10 16:05:13.03]: ADDriver: query
base DN: CN=test person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au,
filter:
(&(objectCategory=CN=Person,CN=Schema,CN=Configuration,DC=msb,DC=nsw,DC=edu,DC=au)(objectClass=user)),
return: (attribute values) objectClass, objectGUID, 
DirXML: [05/11/10 16:05:13.03]: ADDriver: ldap get next page (
2147483647)
DirXML: [05/11/10 16:05:13.03]: Loader: subscriptionShim->execute()
returned:
DirXML: [05/11/10 16:05:13.03]: Loader: XML Document:
DirXML: [05/11/10 16:05:13.03]: <nds ndsversion="8.7"
dtdversion="1.1">
	<source>
		<product version="3.5.5" asn1id="" build="20090313_120000"
instance="\MSB\msb\MSB_Driverset\AD2">AD</product>
		<contact>Novell, Inc.</contact>
	</source>
	<output>
		<status level="success" event-id="0"/>
	</output>
</nds>
DirXML: [05/11/10 16:05:13.03]: 
DirXML Log Event -------------------
Driver  = \MSB\msb\MSB_Driverset\AD2
Thread  = Subscriber Channel
Level   = success
DirXML: [05/11/10 16:05:13.06]: Loader: Received 'subscriber execute'
document
DirXML: [05/11/10 16:05:13.06]: Loader: XML Document:
DirXML: [05/11/10 16:05:13.06]: <nds dtdversion="3.5"
ndsversion="8.x">
	<source>
		<product version="3.6.0.4294">DirXML</product>
		<contact>Novell, Inc.</contact>
	</source>
	<input>
		<add class-name="user" dest-dn="CN=test
person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au"
event-id="N-IDM-GM#20100511060533#5#2"
qualified-src-dn="O=msb\OU=2016\CN=testperson2"
src-dn="\MSB\msb\2016\testperson2" src-entry-id="42890">
			<add-attr attr-name="description">
				<value timestamp="1273557933#3" type="string">Graduating Class of
2016</value>
			</add-attr>
			<add-attr attr-name="displayName">
				<value timestamp="1273557933#14" type="string">test
person2</value>
			</add-attr>
			<add-attr attr-name="givenName">
				<value timestamp="1273557933#8" type="string">test</value>
			</add-attr>
			<add-attr attr-name="sn">
				<value timestamp="1273557933#15" type="string">person2</value>
			</add-attr>
			<add-attr attr-name="sAMAccountName">
				<value type="string">testperson2</value>
			</add-attr>
			<add-attr attr-name="dirxml-uACAccountDisable">
				<value type="string">false</value>
			</add-attr>
			<password><!-- content suppressed --></password>
		</add>
	</input>
</nds>
DirXML: [05/11/10 16:05:13.06]: Loader: Calling
subscriptionShim->execute()
DirXML: [05/11/10 16:05:13.06]: Loader: XML Document:
DirXML: [05/11/10 16:05:13.06]: <nds dtdversion="3.5"
ndsversion="8.x">
	<source>
		<product version="3.6.0.4294">DirXML</product>
		<contact>Novell, Inc.</contact>
	</source>
	<input>
		<add class-name="user" dest-dn="CN=test
person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au"
event-id="N-IDM-GM#20100511060533#5#2"
qualified-src-dn="O=msb\OU=2016\CN=testperson2"
src-dn="\MSB\msb\2016\testperson2" src-entry-id="42890">
			<add-attr attr-name="description">
				<value timestamp="1273557933#3" type="string">Graduating Class of
2016</value>
			</add-attr>
			<add-attr attr-name="displayName">
				<value timestamp="1273557933#14" type="string">test
person2</value>
			</add-attr>
			<add-attr attr-name="givenName">
				<value timestamp="1273557933#8" type="string">test</value>
			</add-attr>
			<add-attr attr-name="sn">
				<value timestamp="1273557933#15" type="string">person2</value>
			</add-attr>
			<add-attr attr-name="sAMAccountName">
				<value type="string">testperson2</value>
			</add-attr>
			<add-attr attr-name="dirxml-uACAccountDisable">
				<value type="string">false</value>
			</add-attr>
			<password><!-- content suppressed --></password>
		</add>
	</input>
</nds>
DirXML: [05/11/10 16:05:13.06]: ADDriver: parse command

className    user
destDN       CN=test person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au
eventId      N-IDM-GM#20100511060533#5#2
association  
DirXML: [05/11/10 16:05:13.06]: ADDriver: MadCommandAdd::onCommand
DirXML: [05/11/10 16:05:13.06]: ADDriver:
MadCommandAdd::insertXdsAttributes()
DirXML: [05/11/10 16:05:13.06]: ADDriver: description
DirXML: [05/11/10 16:05:13.06]: ADDriver: displayName
DirXML: [05/11/10 16:05:13.06]: ADDriver: givenName
DirXML: [05/11/10 16:05:13.06]: ADDriver: sn
DirXML: [05/11/10 16:05:13.06]: ADDriver: sAMAccountName
DirXML: [05/11/10 16:05:13.06]: ADDriver: dirxml-uACAccountDisable
DirXML: [05/11/10 16:05:13.06]: ADDriver: Add user CN=test
person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au
LDAPMod operations:
add attribute objectClass
>> user
add attribute objectCategory
>> CN=Person,CN=Schema,CN=Configuration,DC=msb,DC=nsw,DC=edu,DC=au
add attribute description
>> Graduating Class of 2016
add attribute displayName
>> test person2
add attribute givenName
>> test
add attribute sn
>> person2
add attribute sAMAccountName
>> testperson2
DirXML: [05/11/10 16:05:14.05]: ADDriver: change password: old=(none),
new=***
DirXML: [05/11/10 16:05:14.45]: ADDriver: password change complete
DirXML: [05/11/10 16:05:14.45]: ADDriver: set userAccountControl
returns 0x0000
DirXML: [05/11/10 16:05:14.45]: Loader: subscriptionShim->execute()
returned:
DirXML: [05/11/10 16:05:14.45]: Loader: XML Document:
DirXML: [05/11/10 16:05:14.45]: <nds ndsversion="8.7"
dtdversion="1.1">
	<source>


-- 
Magteq
------------------------------------------------------------------------
Magteq's Profile: http://forums.novell.com/member.php?userid=6475
View this thread: http://forums.novell.com/showthread.php?t=410160

0
Magteq
5/12/2010 12:56:01 AM
Part 3
<product version="3.5.5" asn1id="" build="20090313_120000"
instance="\MSB\msb\MSB_Driverset\AD2">AD</product>
		<contact>Novell, Inc.</contact>
	</source>
	<output>
		<add-association dest-dn="\MSB\msb\2016\testperson2"
dest-entry-id="42890"
event-id="N-IDM-GM#20100511060533#5#2">b90eecdfbfeaf24eb7caf93e82dd010d</add-association>
		<status level="success" event-id="N-IDM-GM#20100511060533#5#2"/>
	</output>
</nds>
DirXML: [05/11/10 16:05:14.45]: 
DirXML Log Event -------------------
Driver  = \MSB\msb\MSB_Driverset\AD2
Thread  = Subscriber Channel
Object  = \MSB\msb\2016\testperson2 (CN=test
person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au)
Level   = success
DirXML: [05/11/10 16:05:30.45]: ADDriver: get object changes - 0x0000
DirXML: [05/11/10 16:05:30.45]: ADDriver: process object change entry
DirXML: [05/11/10 16:05:30.45]: ADDriver: Processing change from AD:
isDeleted: NULL, whenCreated 20100511060513.0Z, name test person2
DirXML: [05/11/10 16:05:30.45]: ADDriver: Publisher ADD
DirXML: [05/11/10 16:05:30.45]: ADDriver: Publisher-effectiveClassQuery
dn=CN=test person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au  className=user
DirXML: [05/11/10 16:05:30.45]: ADDriver: description
	appending addAttr attribute to input document...
DirXML: [05/11/10 16:05:30.45]: ADDriver: dirxml-uACAccountDisable
	appending addAttr attribute to input document...
DirXML: [05/11/10 16:05:30.45]: ADDriver: displayName
	appending addAttr attribute to input document...
DirXML: [05/11/10 16:05:30.47]: ADDriver: facsimileTelephoneNumber
DirXML: [05/11/10 16:05:30.47]: ADDriver: givenName
	appending addAttr attribute to input document...
DirXML: [05/11/10 16:05:30.47]: ADDriver: initials
DirXML: [05/11/10 16:05:30.47]: ADDriver: l
DirXML: [05/11/10 16:05:30.47]: ADDriver: logonHours
DirXML: [05/11/10 16:05:30.47]: ADDriver: mail
DirXML: [05/11/10 16:05:30.47]: ADDriver: physicalDeliveryOfficeName
DirXML: [05/11/10 16:05:30.47]: ADDriver: postOfficeBox
DirXML: [05/11/10 16:05:30.47]: ADDriver: postalCode
DirXML: [05/11/10 16:05:30.47]: ADDriver: sAMAccountName
	appending addAttr attribute to input document...
DirXML: [05/11/10 16:05:30.47]: ADDriver: sn
	appending addAttr attribute to input document...
DirXML: [05/11/10 16:05:30.47]: ADDriver: st
DirXML: [05/11/10 16:05:30.47]: ADDriver: streetAddress
DirXML: [05/11/10 16:05:30.47]: ADDriver: telephoneNumber
DirXML: [05/11/10 16:05:30.47]: ADDriver: title
DirXML: [05/11/10 16:05:30.47]: Loader: Received document from
publicationShim
DirXML: [05/11/10 16:05:30.47]: Loader: XML Document:
DirXML: [05/11/10 16:05:30.47]: <nds dtdversion="2.2">
	<source>
		<product version="3.6.0.4294">DirXML</product>
		<contact>Novell, Inc.</contact>
	</source>
	<input>
		<add class-name="user" event-id="AD2##12885f7d1da##0" src-dn="CN=test
person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au">
			<association>b90eecdfbfeaf24eb7caf93e82dd010d</association>
			<add-attr attr-name="description">
				<value type="string" naming="false">Graduating Class of
2016</value>
			</add-attr>
			<add-attr attr-name="dirxml-uACAccountDisable">
				<value type="state">false</value>
			</add-attr>
			<add-attr attr-name="displayName">
				<value type="string" naming="false">test person2</value>
			</add-attr>
			<add-attr attr-name="givenName">
				<value type="string" naming="false">test</value>
			</add-attr>
			<add-attr attr-name="sAMAccountName">
				<value type="string" naming="false">testperson2</value>
			</add-attr>
			<add-attr attr-name="sn">
				<value type="string" naming="false">person2</value>
			</add-attr>
		</add>
	</input>
</nds>
DirXML: [05/11/10 16:05:30.50]: Loader: Received 'publisher reply'
document
DirXML: [05/11/10 16:05:30.50]: Loader: XML Document:
DirXML: [05/11/10 16:05:30.50]: <nds dtdversion="3.5"
ndsversion="8.x">
	<source>
		<product version="3.6.0.4294">DirXML</product>
		<contact>Novell, Inc.</contact>
	</source>
	<output>
		<status event-id="AD2##12885f7d1da##0"
level="success"><application>DirXML</application>
			<module>AD2</module>
			<object-dn>CN=test person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au
(msb\2016\testperson2)</object-dn>
			<component>Publisher</component>
		</status>
	</output>
</nds>
DirXML: [05/11/10 16:05:30.50]: Loader: DirXML returned:
DirXML: [05/11/10 16:05:30.50]: Loader: XML Document:
DirXML: [05/11/10 16:05:30.50]: <nds dtdversion="3.5"
ndsversion="8.x">
	<source>
		<product version="3.6.0.4294">DirXML</product>
		<contact>Novell, Inc.</contact>
	</source>
	<output>
		<status event-id="AD2##12885f7d1da##0"
level="success"><application>DirXML</application>
			<module>AD2</module>
			<object-dn>CN=test person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au
(msb\2016\testperson2)</object-dn>
			<component>Publisher</component>
		</status>
	</output>
</nds>
DirXML: [05/11/10 16:05:30.50]: 
DirXML Log Event -------------------
Driver  = \MSB\msb\MSB_Driverset\AD2
Thread  = Publisher Channel
Object  = CN=test person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au
Level   = success
Message = <application>DirXML</application>
<module>AD2</module>
<object-dn>CN=test person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au
(msb\2016\testperson2)</object-dn>
<component>Publisher</component>
DirXML: [05/11/10 16:05:30.50]: Loader: Received document from
publicationShim
DirXML: [05/11/10 16:05:30.50]: Loader: XML Document:
DirXML: [05/11/10 16:05:30.50]: <nds dtdversion="2.2">
	<source>
		<product version="3.6.0.4294">DirXML</product>
		<contact>Novell, Inc.</contact>
	</source>
	<input>
		<init-params>
			<publisher-state>
				<cookie>TVNEUwMAAAAL17P1z/DKAQAAAAAAAAAAoAAAAOBLDgAAAAAAAAAAAAAAAADgSw4AAAAAAHMj0gU9rfRFilaUPuQjKMUBAAAAAAAAAAYAAAAAAAAAcyPSBT2t9EWKVpQ+5CMoxeBLDgAAAAAAGMq9ZK7joE6O7v/jlJXghaTeLwAAAAAAPaitf03OBUm55zg3/4CAUz/lDwAAAAAAtyDPkJRFeEi0/CI7MYfUzlF6MgAAAAAApnFU4Xbzf0W6zy5kTamJ3j08agAAAAAAoZ/R9XnH0EaXBlkoWln6S5hyDQAAAAAA</cookie>
			</publisher-state>
		</init-params>
	</input>
</nds>
DirXML: [05/11/10 16:05:30.50]: Loader: Writing driver state to file
DirXML: [05/11/10 16:05:30.50]: Loader: Document consists only of
state; not sending to remote side
DirXML: [05/11/10 16:05:30.50]: Loader: Returning to publisher:
DirXML: [05/11/10 16:05:30.50]: Loader: XML Document:
DirXML: [05/11/10 16:05:30.50]: <nds ndsversion="8.6"
dtdversion="1.0">
	<output>
		<status level="success"/>
	</output>


-- 
Magteq
------------------------------------------------------------------------
Magteq's Profile: http://forums.novell.com/member.php?userid=6475
View this thread: http://forums.novell.com/showthread.php?t=410160

0
Magteq
5/12/2010 12:56:01 AM
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It's there.  Your tools are munged or you're looking in the wrong spot.
It is so there, even, that fifteen seconds later the polling interval
picks it up (from MAD) and tries to send it back to the engine side (the
MAD driver always loops back).

Good luck.





On 05/11/2010 06:56 PM, Magteq wrote:
> 
> Part 3
> <product version="3.5.5" asn1id="" build="20090313_120000"
> instance="\MSB\msb\MSB_Driverset\AD2">AD</product>
> 		<contact>Novell, Inc.</contact>
> 	</source>
> 	<output>
> 		<add-association dest-dn="\MSB\msb\2016\testperson2"
> dest-entry-id="42890"
> event-id="N-IDM-GM#20100511060533#5#2">b90eecdfbfeaf24eb7caf93e82dd010d</add-association>
> 		<status level="success" event-id="N-IDM-GM#20100511060533#5#2"/>
> 	</output>
> </nds>
> DirXML: [05/11/10 16:05:14.45]: 
> DirXML Log Event -------------------
> Driver  = \MSB\msb\MSB_Driverset\AD2
> Thread  = Subscriber Channel
> Object  = \MSB\msb\2016\testperson2 (CN=test
> person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au)
> Level   = success
> DirXML: [05/11/10 16:05:30.45]: ADDriver: get object changes - 0x0000
> DirXML: [05/11/10 16:05:30.45]: ADDriver: process object change entry
> DirXML: [05/11/10 16:05:30.45]: ADDriver: Processing change from AD:
> isDeleted: NULL, whenCreated 20100511060513.0Z, name test person2
> DirXML: [05/11/10 16:05:30.45]: ADDriver: Publisher ADD
> DirXML: [05/11/10 16:05:30.45]: ADDriver: Publisher-effectiveClassQuery
> dn=CN=test person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au  className=user
> DirXML: [05/11/10 16:05:30.45]: ADDriver: description
> 	appending addAttr attribute to input document...
> DirXML: [05/11/10 16:05:30.45]: ADDriver: dirxml-uACAccountDisable
> 	appending addAttr attribute to input document...
> DirXML: [05/11/10 16:05:30.45]: ADDriver: displayName
> 	appending addAttr attribute to input document...
> DirXML: [05/11/10 16:05:30.47]: ADDriver: facsimileTelephoneNumber
> DirXML: [05/11/10 16:05:30.47]: ADDriver: givenName
> 	appending addAttr attribute to input document...
> DirXML: [05/11/10 16:05:30.47]: ADDriver: initials
> DirXML: [05/11/10 16:05:30.47]: ADDriver: l
> DirXML: [05/11/10 16:05:30.47]: ADDriver: logonHours
> DirXML: [05/11/10 16:05:30.47]: ADDriver: mail
> DirXML: [05/11/10 16:05:30.47]: ADDriver: physicalDeliveryOfficeName
> DirXML: [05/11/10 16:05:30.47]: ADDriver: postOfficeBox
> DirXML: [05/11/10 16:05:30.47]: ADDriver: postalCode
> DirXML: [05/11/10 16:05:30.47]: ADDriver: sAMAccountName
> 	appending addAttr attribute to input document...
> DirXML: [05/11/10 16:05:30.47]: ADDriver: sn
> 	appending addAttr attribute to input document...
> DirXML: [05/11/10 16:05:30.47]: ADDriver: st
> DirXML: [05/11/10 16:05:30.47]: ADDriver: streetAddress
> DirXML: [05/11/10 16:05:30.47]: ADDriver: telephoneNumber
> DirXML: [05/11/10 16:05:30.47]: ADDriver: title
> DirXML: [05/11/10 16:05:30.47]: Loader: Received document from
> publicationShim
> DirXML: [05/11/10 16:05:30.47]: Loader: XML Document:
> DirXML: [05/11/10 16:05:30.47]: <nds dtdversion="2.2">
> 	<source>
> 		<product version="3.6.0.4294">DirXML</product>
> 		<contact>Novell, Inc.</contact>
> 	</source>
> 	<input>
> 		<add class-name="user" event-id="AD2##12885f7d1da##0" src-dn="CN=test
> person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au">
> 			<association>b90eecdfbfeaf24eb7caf93e82dd010d</association>
> 			<add-attr attr-name="description">
> 				<value type="string" naming="false">Graduating Class of
> 2016</value>
> 			</add-attr>
> 			<add-attr attr-name="dirxml-uACAccountDisable">
> 				<value type="state">false</value>
> 			</add-attr>
> 			<add-attr attr-name="displayName">
> 				<value type="string" naming="false">test person2</value>
> 			</add-attr>
> 			<add-attr attr-name="givenName">
> 				<value type="string" naming="false">test</value>
> 			</add-attr>
> 			<add-attr attr-name="sAMAccountName">
> 				<value type="string" naming="false">testperson2</value>
> 			</add-attr>
> 			<add-attr attr-name="sn">
> 				<value type="string" naming="false">person2</value>
> 			</add-attr>
> 		</add>
> 	</input>
> </nds>
> DirXML: [05/11/10 16:05:30.50]: Loader: Received 'publisher reply'
> document
> DirXML: [05/11/10 16:05:30.50]: Loader: XML Document:
> DirXML: [05/11/10 16:05:30.50]: <nds dtdversion="3.5"
> ndsversion="8.x">
> 	<source>
> 		<product version="3.6.0.4294">DirXML</product>
> 		<contact>Novell, Inc.</contact>
> 	</source>
> 	<output>
> 		<status event-id="AD2##12885f7d1da##0"
> level="success"><application>DirXML</application>
> 			<module>AD2</module>
> 			<object-dn>CN=test person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au
> (msb\2016\testperson2)</object-dn>
> 			<component>Publisher</component>
> 		</status>
> 	</output>
> </nds>
> DirXML: [05/11/10 16:05:30.50]: Loader: DirXML returned:
> DirXML: [05/11/10 16:05:30.50]: Loader: XML Document:
> DirXML: [05/11/10 16:05:30.50]: <nds dtdversion="3.5"
> ndsversion="8.x">
> 	<source>
> 		<product version="3.6.0.4294">DirXML</product>
> 		<contact>Novell, Inc.</contact>
> 	</source>
> 	<output>
> 		<status event-id="AD2##12885f7d1da##0"
> level="success"><application>DirXML</application>
> 			<module>AD2</module>
> 			<object-dn>CN=test person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au
> (msb\2016\testperson2)</object-dn>
> 			<component>Publisher</component>
> 		</status>
> 	</output>
> </nds>
> DirXML: [05/11/10 16:05:30.50]: 
> DirXML Log Event -------------------
> Driver  = \MSB\msb\MSB_Driverset\AD2
> Thread  = Publisher Channel
> Object  = CN=test person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au
> Level   = success
> Message = <application>DirXML</application>
> <module>AD2</module>
> <object-dn>CN=test person2,OU=2016,DC=msb,DC=nsw,DC=edu,DC=au
> (msb\2016\testperson2)</object-dn>
> <component>Publisher</component>
> DirXML: [05/11/10 16:05:30.50]: Loader: Received document from
> publicationShim
> DirXML: [05/11/10 16:05:30.50]: Loader: XML Document:
> DirXML: [05/11/10 16:05:30.50]: <nds dtdversion="2.2">
> 	<source>
> 		<product version="3.6.0.4294">DirXML</product>
> 		<contact>Novell, Inc.</contact>
> 	</source>
> 	<input>
> 		<init-params>
> 			<publisher-state>
> 				<cookie>TVNEUwMAAAAL17P1z/DKAQAAAAAAAAAAoAAAAOBLDgAAAAAAAAAAAAAAAADgSw4AAAAAAHMj0gU9rfRFilaUPuQjKMUBAAAAAAAAAAYAAAAAAAAAcyPSBT2t9EWKVpQ+5CMoxeBLDgAAAAAAGMq9ZK7joE6O7v/jlJXghaTeLwAAAAAAPaitf03OBUm55zg3/4CAUz/lDwAAAAAAtyDPkJRFeEi0/CI7MYfUzlF6MgAAAAAApnFU4Xbzf0W6zy5kTamJ3j08agAAAAAAoZ/R9XnH0EaXBlkoWln6S5hyDQAAAAAA</cookie>
> 			</publisher-state>
> 		</init-params>
> 	</input>
> </nds>
> DirXML: [05/11/10 16:05:30.50]: Loader: Writing driver state to file
> DirXML: [05/11/10 16:05:30.50]: Loader: Document consists only of
> state; not sending to remote side
> DirXML: [05/11/10 16:05:30.50]: Loader: Returning to publisher:
> DirXML: [05/11/10 16:05:30.50]: Loader: XML Document:
> DirXML: [05/11/10 16:05:30.50]: <nds ndsversion="8.6"
> dtdversion="1.0">
> 	<output>
> 		<status level="success"/>
> 	</output>
> 
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJL6gVFAAoJEF+XTK08PnB59SwQAJAzaR8AGJ3YFSBL6DOdIIDy
RfdAgrQ0u+T6F3Xa2PNn1vtrmVo/SvzSqzBK12akhZZgwYg5XskiPzlbISUqUzZ6
Rys3S8sSs/0jSXwhRPPAgKMP0J6ON0JqPAXJkZnZZt5m7hrMyMWg5dBQM1L19NJV
gy+fKnj0gUdtlEuqqLjA1C5PHByKNeYuocRosEp/wfQ5SW1wOcehPk4F363ulEXg
VeM7kyvtTTwFO7CMBxU27t8xnl2GXwIU1WFk3ZUupumb2lRMb1KjTpQaurjQksPw
dvPpNP+iRyeo2KNpU843gf0q81/MzaXNUiOjvj8QZyJ4+OgQFhVzm/OPPue/g4RB
tXocszeP9+3YA8jTE9sNQZSX1bJ7A5K5BL839L+I8lxCcH/767Wp+PYZ49vnNb8M
oijfmNXrSUUJ/u6CwqwywuiDv34OE175pU9V6klnJC78SWCctXSaRrXmNZjG5wqa
KYYKKrmMUxIz3l3Zv9vU7VVFktVo9rQMWFstG1PHfPRso3qKkM4HGsO4Ru0yLVli
n/tUqETb/+7ujZgFKSNoXcYxC0wEYHXsoOKQ3hSTDhOCppLl2DnasAzm3y8TvJmO
pIIkvdFmzNRXvTf1IysSnNaXULSiubzzzbclHVO2CqVi7w/a4ZNokXl4Ux9STrCH
J8LNIQCLxMK/M88+FcAK
=z0MD
-----END PGP SIGNATURE-----
0
ab
5/12/2010 1:33:26 AM
This problem was a very sick AD. I did some testing creating and
changing things manually in AD Users and Computers and even computers
added to the domain don't show up. Groups Memberships done manually had
dissapeared. 

Thanks everyone for your help. I am sorry to send you all on a wild
goose chase. 

Regards

Magteq


-- 
Magteq
------------------------------------------------------------------------
Magteq's Profile: http://forums.novell.com/member.php?userid=6475
View this thread: http://forums.novell.com/showthread.php?t=410160

0
Magteq
5/13/2010 2:16:01 AM
Reply:

Similar Artilces:

Driver Id and Driver Version not coming while creating the U
Hi, I have got a few Novell Products on my machine. some of them are running on VMPlayer( windows 2003 server) . The products on VMPLayer are : eDirectory 8.8 Identity Manager 3.5.1, iManager The products on my local machine are: Identity Manager User Application Novell designer. When I create a User Provisioning driver in the Identiy Manager using iManager, the driver gets created succssfully. It comes to the running state. But I do not get the driver id and driver version( it says, "atrribute not found") in the driver's detail information. This means the dri...

Identity Manager Driver for Active Directory
Hi, we have configured the AD driver, what we need now is to make the subscription and publication from IDM 4.0 to Microsoft Active Directory, How can we achieve this? This image for reference here 'Venkizmet Peru SAC' (http://formsservices.webcindario.com/question9.html) thanks -- eden_silva ------------------------------------------------------------------------ On 01/14/2011 04:06 PM, eden silva wrote: > > Hi, > > we have configured the AD driver, what we need now is to make the > subscription and publication from IDM 4.0 to Micr...

Identity Manager Driver for Active Directory
hi, where I can download the driver for Identity Manager 4.0 for Active Directory? thanks -- eden_silva ------------------------------------------------------------------------ > where I can download the driver for Identity Manager 4.0 for Active > Directory? download.novell.com on the IDM 4 download page, and it is on the base DVD ISO. Try the identity-Manager.engine-drivers forum if you need more help, since this is the Novell Access Manager forum. thanks friend -- eden_silva ---------------------------------------------------------------...

Active Directory & SQL list of users with managers and managers with users
I have been tasked with some authentication/access items and know there is an easy way to do this within AD but don't know where to start.  What I have set up is a OU called Test Users within an OU called Sales within our main domain.  Within the OU=Test Users there are several security groups having as many as 100 or as little as one person in them.  The goup names are Manager, Regional Mgr, Sales Reps.  A Sales Rep can have a Regional Mgr and a Regional Mgr has a Manager.  There are some cases where a Sales Rep does not have a Regional Mgr and then is associate...

Active Directory driver not creating new eDir accounts
Hi, I've noticed a problem wherein I create an account in AD and it doesn't create in eDir. If I manually migrate into the IV its fine. We are using IDM 3.6 with a very slightly modifed IDM 3.5.1 AD driver and eDir 8.8.3. Each time an OU/User or group is created in AD I get a "Code(-8019) Operation vetoed on unassociated object" error, it doesn't seem to want to apply the creation policy in fact it only seems to be picking up the password change and nothing else. Here's the filter xml:- <?xml version="1.0" encoding="UTF-8"...

Active directory driver only moves "some" users
I have recently set up Identity manager in hopes to sync our edir tree to a new ad server. I put the remote loader on the windows 2008 r2 and the idm install on our sles 10 sp3 oes2 sp2 box. and got it to sync after much research, however only a few users out of all our users will sync. I am unable to figure out why. I know i can look at dstrace to figure this out, but i have a few questions. Am I to look at it on the Windows side? If so, how can i increase the output of dstrace on the remote loader side? Or do i look it at on the full blown edir side? what attributes should i be loo...

Fan-Out Driver create user ids not from naming attribute
In our design, we would like to use fanout driver to sync user passwords to 10 linux target. However, the userids are not the naming attribute(not cn but lnxid in our case) What I understood from fan-out driver documentation is that I need to use cn or an alternate naming attribute as the loginid. Our user object has another attribute which has value of the userid of the platform . Is there any way to create users at the platform by using the value of that attribute? Lets say my user's dn is cn=test, ou=Users, o=tree and attribute lnxid has value of M3000. I would like to cr...

Drivers Drivers Drivers on Terminal Servers
Hi, Ive running NW6.5 Sp5 with iprint client 4.26 on a pool of 2003 terminal Servers. Clients have printers installed via login sript each time they login. 1, When i update the driver in Iprint ,will it update automaticly on the TS and workstation 2, What are the most stable Ricoh drivers to use PCL 5,6,PCL Mini-Driver or RPCS Driver. Thamks Mike Michael@nospam.ddg.com wrote: >1, When i update the driver in Iprint ,will it update automaticly on the >TS and workstation No. >2, What are the most stable Ricoh drivers to use PCL 5,6,PCL Mini-Driver ...

how to create page for creating active directory account and integrate in create user page
hi all...am bit new to this share point server. can someone please tell me how to create a page for creting an activie directory account for sharepoint server ie.s sps 3.0.. i ve installed sharepoint service 3.0 on my server for for creatign users i need to do it manually get into the server and create user. but in sme other site its is given a seperate page for creating user and sending invitaion to user to user the site.. and the pass and userid and others ll be sent automatically to their id..i need to like tat .. can you plz help me...thnkx----Jai---------http://www.jayaraja.comh...

AD Driver doesn't create the user home directories
Hello, hopefully this problem was not posted to many times before. I tried to search in the Novell IDM forum for similiar posts but what ever I searching for there are no results shown. We have connected a Windows 2008 R2 DC to our IDM 3.6.1. Ther provisioning of users is working well. The attributes home drive and home directory are added by the following creation policy. <rule> <description>Add auxhomeDirectory and auxhomeDrive</description> <comment xml:space="preserve">Add auxhomeDirectory and auxhomeDrive to User</comment> <con...

Create Object, CreateObject(ADODB.Connection) [Microsoft][ODBC Driver Manager] Data source name not found and no default driver specified
Hello, I am getting the following error while connecting to SQL Server 2005 from my ASP application. Create Object, CreateObject(ADODB.Connection) [Microsoft][ODBC Driver Manager] Data source name not found and no default driver specified Appreciate your quick help.  Thanks, Satya. Hi Satya, This exception may be caused by a few reasons, please refer to the KB article below to trouble and fix it. PRB: ASP Error 80004005 "Data Source Name Not Found"http://support.microsoft.com/kb/306345Jian KangMicrosoft Online Community SupportPlease remember to mark the replies ...

SAP User Management driver
I am attempting to assign local activity groups using the sap User management driver. I am able to assign the sample activity groups but not the sample local activity groups. I get this error, "You have not logged onto the central system." The SAP group here is no help. Any one out there familiar with this error? > I am attempting to assign local activity groups using the sap User > management driver. I am able to assign the sample activity groups but not > the sample local activity groups. I get this error, "You have not logged > onto the central sy...

Driver Wizard
I'm trying to create the eDirectory Driver in our production tree (IDM 3.0.1). When I click <Next> at the "Group Container" screen, where I enter the same container as used for the FLAT location of my users, I get the error: Driver Wizard - Error: The driver could not be created. It sends me back to the "Create Driver" screen, where I'm selecting to import "eDirectory.XML I noticed that during the Wizard, the Driver Set object did get created but is automatically deleted after I <Cancel> out of the Wizard. By the way, the name I use fo...

Could not be created Driver - Driver Wizard
Hi All, I have Installed eDirectory 8.8,iManager 2.7 and Identity Manager 3.5.1 on the windows 2000 server. The tree structure is as below TREE=MOU O=UNIVERSITY OU=Schools SERVER=ABCD-NDS (Server is created in O=UNIVERSITY) Now, I am trying to create Driver for eDirectory to eDirectory Synchronization and tried severl time and finally endup with really tired since no clue on the error. I googled a lot, but no solution. Please give me a solution of my problem. The below is the steps, I followed. 1. Opened the iManager 2.7 on IE 6.0 Browser and loged in as Admin 2. Selected...

Web resources about - Active Directory Driver Not Creating Users - novell.id-manager.drivers

Wikipedia:Quick directory - Wikipedia, the free encyclopedia
This page is a handy directory to various locations of interest in Wikipedia. Only dynamic pages should be listed here, no policy pages etc. ...

Telephone directory - Wikipedia, the free encyclopedia
"Phone book" and "White pages" redirect here. For a contact list, see Contact list . For other uses, see White pages (disambiguation) . Subscriber ...

Business Directory Listings: Eight Smart Tips for You to Get Started
If you are considering a business directory listing for your small business, congratulations – you are on the right track. Local SEO, local customers, ...

LinkedIn Lookup iOS app aims to replace your company’s awful intranet employee directory
... continue reading at 9to5Mac . What do you think? Discuss "LinkedIn Lookup iOS app aims to replace your company’s awful intranet employee directory" ...

Atlas Partner Directory Launched
... just for Facebook and Instagram –advertising platform Atlas has one, as well. On that note, Atlas Tuesday introduced the Atlas Partner Directory ...

Slack announces App Directory store
... create more apps for the store, and a new framework called Botkit which should simplify the process of creating apps. The Slack App Directory, ...

The British Library’s ‘Save Our Sounds’ Program Creates Directory of UK Sound Collections
The long-feared deterioration of the world's sound collections is a coming to a head with the British Library's last-ditch initiative called ...

Amazon brings Microsoft users into AWS with Active Directory service
Amazon has launched an AWS Directory Service for Active Directory , a fully managed implementation of Microsoft's authentication and user management ...

Hackers leak DHS staff directory, claim DOJ is next
On Sunday, an account on Twitter posted a Department of Homeland Security staff directory with 9,355 names. Shortly after the DHS data was posted, ...

'Twitch Plays' directory makes it easy to find new games
The huge success that is TwitchPlaysPokemon gave rise to a number of other Twitch Plays games, and the video platform wants to make sure you ...

Resources last updated: 2/9/2016 6:06:47 AM