<ldap-err ldap-rc="68" ldap-rc-name="LDAP_ALREADY_EXISTS">

Hi,
i've create, from two virutal machines of Utopia SIM, two phisical machine.

The provisioning to Active directory don't work (SAP emulator, Telco, Lotus
Notes work fine). 
When i create the users (with Enhanced provisioning Workflow") or when i
try to syncronize eDir with AD i receve this error (for the new user):
<ldap-err ldap-rc="68" ldap-rc-name="LDAP_ALREADY_EXISTS">

I've already seen TID 10091618. 

I think that the problem is in the AD. I've created it manually (without
ntbackup) but with the same structure:

OU=Utopia ___ OU=Groups
           |_ OU=Users ___ OU=Inactive

Any idea?
Thanks in advance.

Andrea P.
0
apriviero
7/4/2006 3:41:32 PM
novell.id-manager.drivers 10360 articles. 2 followers. Follow

2 Replies
1595 Views

Similar Articles

[PageSpeed] 28
Get it on Google Play
Get it on Apple App Store

The error you are getting indicates that you are trying to create 
objects that already exist in AD. I'd start with a level 3 trace to 
verify what is being generated as the dest-dn for the objects. You will 
also need to verify that the sAMAccountName is unique. If you already 
have the objects in AD and eDir, then you need to examine your matching 
policies and ensure that they are consistent with your existing data.

--

Father Ramon


apriviero@datamanagement.it wrote:
> Hi,
> i've create, from two virutal machines of Utopia SIM, two phisical machine.
> 
> The provisioning to Active directory don't work (SAP emulator, Telco, Lotus
> Notes work fine). 
> When i create the users (with Enhanced provisioning Workflow") or when i
> try to syncronize eDir with AD i receve this error (for the new user):
> <ldap-err ldap-rc="68" ldap-rc-name="LDAP_ALREADY_EXISTS">
> 
> I've already seen TID 10091618. 
> 
> I think that the problem is in the AD. I've created it manually (without
> ntbackup) but with the same structure:
> 
> OU=Utopia ___ OU=Groups
>            |_ OU=Users ___ OU=Inactive
> 
> Any idea?
> Thanks in advance.
> 
> Andrea P.
0
Father
7/4/2006 6:05:08 PM
I'd start with the matching policyset and the trace of that part of the
process.  Chances are that you're matching based on something unique
(fullname with initials or something like that) and creating users based on
something non-unique (sAMAccountName).  The trace should be fairly
conclusive.  Making the attribute(s) used for matching match what is in AD
and trying again should not create a user, but it should cause the
association to be created properly.

Good luck.





> The error you are getting indicates that you are trying to create 
> objects that already exist in AD. I'd start with a level 3 trace to 
> verify what is being generated as the dest-dn for the objects. You will 
> also need to verify that the sAMAccountName is unique. If you already 
> have the objects in AD and eDir, then you need to examine your matching 
> policies and ensure that they are consistent with your existing data.
> 
> --
> 
> Father Ramon
> 
> 
> apriviero@datamanagement.it wrote:
> > Hi,
> > i've create, from two virutal machines of Utopia SIM, two phisical machine.
> > 
> > The provisioning to Active directory don't work (SAP emulator, Telco, Lotus
> > Notes work fine). 
> > When i create the users (with Enhanced provisioning Workflow") or when i
> > try to syncronize eDir with AD i receve this error (for the new user):
> > <ldap-err ldap-rc="68" ldap-rc-name="LDAP_ALREADY_EXISTS">
> > 
> > I've already seen TID 10091618. 
> > 
> > I think that the problem is in the AD. I've created it manually (without
> > ntbackup) but with the same structure:
> > 
> > OU=Utopia ___ OU=Groups
> >            |_ OU=Users ___ OU=Inactive
> > 
> > Any idea?
> > Thanks in advance.
> > 
> > Andrea P.

0
ab
7/5/2006 3:45:02 AM
Reply:

Similar Artilces:

<ldap-err ldap-rc="53" ldap-rc-name="LDAP_UNWILLING_TO_PERFO
I am having a problem with eDir to AD Exch problem with syncing phone numbers. I have attached a full trace file from the driver side. I have the remote loader trace but apparently I am limited to one attachment. The snippet below is from the remote loader file. For a test I took my own account and change the phone number on it. It went just fine, so this is a newer user who was created in this system not migrated to it. DirXML: [03/11/10 12:33:38.01]: ADDriver: parse command className user destDN eventId AHNAPPININD004#20100311173337#2#1 association 6aa49551d...

Ldap-err ldap-rc="53"
We are testing ID3 with a one way Vault to AD sync of users, groups and OU's After a couple of test runs and a tweak or two to the policies, the sync went great. I deleted the parent OU from the AD domain and wanted to do the sync again. This time to show the staff how it is supposed to work. On every OU, group and user, I get the following error DirXML: [05/15/06 08:09:07.56]: Loader: Calling subscriptionShim->execute() DirXML: [05/15/06 08:09:07.56]: DirXML Log Event ------------------- Driver = \CCN\CCN\ID3\EDIR2AD\Active Directory Thread = Subscriber Ch...

<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKMTg3MjQ" />
 Hi I am developig a website and when I try to see the page source in the explorer I have houndreds of lines about this:<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /><input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /><input type="hidden" name="__VIEWSTATEFIELDCOUNT" id="__VIEWSTATEFIELDCOUNT" value="697" /><input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value=...

Regular Expression to remove "/", "\", "<", ">" and "="
Can anyone please show me the regular expression to reject a string ("<blue", "right>" etc.) which has the following expression in it: "/", "\", "<", ">" and "="  hi, It may Help u.. it is in Class file u may use this expressin in validation controls also. Regex objReg = new Regex(@"^[^,.?/\~|`;:'<>]*$", RegexOptions.Singleline); Regex objReg = new Regex(@"^[^,][^.][^?][^/][^\][^~|][^`][^;][^:][^'][[^<][^>]$", RegexOptions.IgnoreCase);Thanks &...

"<->" as "->" with automatic "is rw"
I like that arguments will be readonly by default. But when I look at my current code, I see that I would be typing " is rw" quite a lot, which in my opinion is too long for a thing that occurs very often. Every such situation in my code is a foreach loop. A thing that in Perl 6 will mostly be used with the pointy sub declaration syntax. If I'm not mistaken, <-> is still available. It communicates "bidirectional" and that is more or less the same as read/write access. I'm proposing for zip(@foos, @bars, @xyzzies) <-> $foo, $bar, $xyzz...

ldap-rc-name="LDAP_NO_SUCH_OBJECT"
Hello, I have a problem with migrating users to MAD. In our testenviroment it works very well. I cant see where it goes wrong. Below is the level 3 logfile from the VAULT. Thanks for the help, Frank [05/26/08 13:56:06.553]:ADTRACE :Reading named passwords list. [05/26/08 13:56:06.553]:ADTRACE :Named passwords: [05/26/08 13:56:06.554]:ADTRACE :Reading XML attribute vnd.nds.stream://IDMEDIR/IDM+Driver+Set/Identity+Manager+Drivers/Active+Directory#DirXML-EngineControlValues. [05/26/08 13:56:06.555]:ADTRACE :Reading XML attribute vnd.nds.stream://IDMEDIR/IDM+Driv...

What is this for? "<label style=""display:none;"" for=""" & cboFieldType.ClientID.ToString & """>Type</label>"
I'm digging through the code of DNN and I found many ocurrences of this type of code: lblFieldType.Text = "<label style=""display:none;"" for=""" & cboFieldType.ClientID.ToString & """>Type</label>" What is that code for? The label is never displayed and I could not figure out what DDN uses it for. thank you This is for ADA compliance. The guidelines require that form elements have an associated label. This helps the text readers out with identifying the different parts of the form. BruceDynamic...

how do i do &lt;a href="#name"&gt; &lt;a name="name"&gt; on immagebutton
if the page is too long, when the page is posted back, i want it to move to original location where the user click it. can i do it with imagebutton without using Response.Redirect ?...

what's the different from "<page src="">" and "<page codeBehind="">"
what's the different from "<page src="">" and "<page codeBehind="">" Thank YOU how to make session' life longer? Thank You This very question was asked only 5 days ago. Searching the forums would have yielded the answer you require. However, see this thread. Steven BeyRecursion: see Recursion You can set a new value for the Session Timeout in your web.config file. Or, you can do it in a page through this property: Session.Timeout Note that if you choose the second method, the timeout will only be modified on this page,...

help with simple javascript: <asp:LinkButton OnclientClick="$find('<%=mpeup1.ClientID %>').hide();" ID="btnCancel" runat="server" CausesValidation="false">Cancel Edit</asp:LinkButton>
I have this app that has a Modapopup Extender control called "mpeup1" it is in a user control inside a formview control on a content page. So I use the clientID property and I simply want to close the ModalPopup on the client side with a simple button click. This is what I have but it doesn work because it always says error: "null is null and is nothing" or some l;ike that. <asp:LinkButton OnclientClick="$find('<%=mpeup1.ClientID %>').hide();" ID="btnCancel" runat="server" CausesValidation="false">Cancel Edit<...

Failing to retrieve data from HTMLIn my HTML page that calls Ajax I have a field defined as:-<td width=195 style="position:absolute; visibility: hidden;" id="CNumber" name="CNumber"></td>and in Ajax I
In my HTML page that calls Ajax I have a field defined as:-<td width=195 style="position:absolute; visibility: hidden;" id="CNumber" name="CNumber"></td>and in Ajax I attempt to retrieve its contents by :-        var KaartNommer      = document.getElementById("CNumber").innerHTML;and I have also tried:-        var KaartNommer      = document.getElementById("CNumber").value;both fail and doing an alert() I get told that it is undefined.Please tell me how I got t...

ldap-rc="81"
Hi all. Here is my environment: Windows 2003sp1 (DC) MAD DNS DHCP Remote Loader ---------- Windows 2003sp1 (Member Server) ZENworks 7sp1 eDIR 8.8.1 iManager 2.6 IDM 3.0.1 Goal: Synch user accounts/pwds between AD and eDIR, using the provided AD driver. Can ping the AD, DC by DNS name from both servers. Using "NEGOTIATE" as the method of authentication. The following appears on the remote loader in yellow. No objects are synching. DirXML Log Event ------------------- Driver = \CHERRY\gstr\DirXML\Town\AD Thread = Subsc...

Query performance of "=" vs "<" and ">"
[This is a repost from ase.general] Suppose you have a large table (>5 million records) containing 15 columns including a numerical string column called ACTIVITY_DATE which is indexed (nonunique, nonclustered) and a numerical string column called TIMESTAMP which is indexed (nonunique,nonclustered). ACTIVITY_DATE contains a date string ('20081211'); TIMESTAMP also appends a time ('20081211 19:18:03.34923'). Suppose you want to return all events that took place on December 11th and suppose you had to choose between the following queries: - select col1,col2,col...

Query performance of "=" vs "<" and ">"
Suppose you have a large table (>5 million records) containing 15 columns including a numerical string column called ACTIVITY_DATE which is indexed (nonunique, nonclustered) and a numerical string column called TIMESTAMP which is indexed (nonunique,nonclustered). ACTIVITY_DATE contains a date string ('20081211'); TIMESTAMP also appends a time ('20081211 19:18:03.34923'). Suppose you want to return all events that took place on December 11th and suppose you had to choose between the following queries: - select col1,col2,col3 from TABLE where ACTIVITY_DATE='2...

Web resources about - <ldap-err ldap-rc="68" ldap-rc-name="LDAP_ALREADY_EXISTS"> - novell.id-manager.drivers

Resources last updated: 1/7/2016 10:33:41 PM