[Fedora-directory-users] FDS-ADS Sync

Richard Hesse richard at powerset.com
Fri Apr 6 01:49:09 UTC 2007 

FWIW, the same thing happened to me when we setup our FDS-AD sync
agreements. I can't say definitely, but the problem went away after we
stopped using the Fedora Console for user and group management. We wrote our
own tools to manage the directory data, and the disappearing users problem
went away. I'm not saying that the console is the cause, just throwing that
out there.

Good luck.

-richard


On 4/5/07 4:13 PM, "Kris S. Amundson" <krisa at opensourcery.com> wrote:

> So I got the Windows Sync Agreement working.
> 
> Windows side:
> cn=Users,dc=foo,dc=org
> 
> FDS side:
> ou=Users,l=Portland,c=US,dc=foo,dc=org
> 
> SSL certs are properly exchanged between the two, user passwords sync
> correctly, and accounts removed or added on either side are sync'd
> correctly.
> 
> Then suddenly less than 24hrs later, users on the ADS side suddenly
> start being removed from email distribution groups.  Client panics and
> shuts down the FDS server, which appears to be the only change in the
> last few days.  The accounts had been stable for much time.
> 
> Aside from asking the obvious of what would cause this, I'm curious
> where I should start hunting (log level tweaks.. ADS logs, etc).
> 
> Here are some errors I found on the ADS side.  These might be the client
> correcting the errors, not the original error itself:
> 
> errors:[04/Apr/2007:09:44:53 -0700] - add value
> "uid=Finintern,ou=Users,l=Portland,c=US, dc=foo,dc=org" to
> attribute type "uniqueMember" in entry
> "cn=FINANCE,ou=Users,l=Portland,c=US, dc=foo,dc=org" failed:
> value exists
> 
> errors:[04/Apr/2007:10:54:53 -0700] - add value
> "uid=Finintern,ou=Users,l=Portland,c=US, dc=foo,dc=org" to
> attribute type "uniqueMember" in entry
> "cn=MAS90,ou=Users,l=Portland,c=US, dc=foo,dc=org" failed: value
> exists
> 
> errors:[04/Apr/2007:11:54:53 -0700] - add value
> "uid=sharrison,ou=Users,l=Portland,c=US, dc=foo,dc=org" to
> attribute type "uniqueMember" in entry "cn=Raisers
> Edge,ou=Users,l=Portland,c=US, dc=foo,dc=org" failed: value exists

More information about the 389-users mailing list