So I got the Windows Sync Agreement working.
Windows side:
cn=Users,dc=foo,dc=org
FDS side:
ou=Users,l=Portland,c=US,dc=foo,dc=org
SSL certs are properly exchanged between the two, user passwords sync
correctly, and accounts removed or added on either side are sync'd
correctly.
Then suddenly less than 24hrs later, users on the ADS side suddenly
start being removed from email distribution groups. Client panics and
shuts down the FDS server, which appears to be the only change in the
last few days. The accounts had been stable for much time.
Aside from asking the obvious of what would cause this, I'm curious
where I should start hunting (log level tweaks.. ADS logs, etc).
Here are some errors I found on the ADS side. These might be the client
correcting the errors, not the original error itself:
errors:[04/Apr/2007:09:44:53 -0700] - add value
"uid=Finintern,ou=Users,l=Portland,c=US, dc=foo,dc=org" to
attribute type "uniqueMember" in entry
"cn=FINANCE,ou=Users,l=Portland,c=US, dc=foo,dc=org" failed:
value exists
errors:[04/Apr/2007:10:54:53 -0700] - add value
"uid=Finintern,ou=Users,l=Portland,c=US, dc=foo,dc=org" to
attribute type "uniqueMember" in entry
"cn=MAS90,ou=Users,l=Portland,c=US, dc=foo,dc=org" failed: value
exists
errors:[04/Apr/2007:11:54:53 -0700] - add value
"uid=sharrison,ou=Users,l=Portland,c=US, dc=foo,dc=org" to
attribute type "uniqueMember" in entry "cn=Raisers
Edge,ou=Users,l=Portland,c=US, dc=foo,dc=org" failed: value exists
--
Kris S. Amundson
Founder, CIO GPG Key: D6D39F2C
OpenSourcery, LLC.
http://www.opensourcery.com/