[389-users] Windows sync agreement - Received result code 34

Orion Poplawski orion at cora.nwra.com
Wed Apr 2 20:57:00 UTC 2014 

On 03/12/2014 02:55 AM, Vesa Alho wrote:
> Hi,
>
> I'm trying to get Windows AD sync working. When trying to start full
> re-syncronization, I get the errors listed below. I've tried to verify all
> settings, but haven't figured out what could cause this. It seems to use value
> (null) with DN, but why?
>
> Other information:
> 389 => 1.2.11.25 (dc=example,dc=com)
> AD => Windows 2012 R2 (dc=example,dc=login)
> ==> notice, domain names are different!
>
> Windows sync agreement details
> Windows domain: example.login
> DS subtree: ou=People,dc=example,dc=com
> Windows subtree: cn=People,dc=example,dc=login
> Replicated subtree: dc=example,dc=com
>
> My goal is to sync 389 users to one OU/CN under AD and groups to different
> OU/CN. I'm not sure if this even possible, but was hoping to achieve this by
> creating separate sync agreements for users and groups.
>
> PS. thanks for excellent software and support!
>
> -Vesa
>
> [12/Mar/2014:10:23:56 +0200] NSMMReplicationPlugin - agmt="cn=adsync"
> (hki-dc01:636): map_entry_dn_inbound: problem looking for username: -1
>
> [12/Mar/2014:10:23:56 +0200] NSMMReplicationPlugin - agmt="cn=adsync"
> (hki-dc01:636): windows_process_total_entry: Looking
> dn="uid=user1,ou=People,dc=example,dc=com" (ours)
>
> [12/Mar/2014:10:23:56 +0200] NSMMReplicationPlugin - agmt="cn=adsync"
> (hki-dc01:636): map_entry_dn_outbound: looking for AD entry for DS
> dn="uid=user1,ou=People,dc=example,dc=com"
> guid="c647c882ee76ab4aac2239ef81ebebb7"
>
> [12/Mar/2014:10:23:56 +0200] NSMMReplicationPlugin - agmt="cn=adsync"
> (hki-dc01:636): map_entry_dn_outbound: looking for AD entry for DS
> dn="uid=user1,ou=People,dc=example,dc=com" username="user1"
>
> [12/Mar/2014:10:23:56 +0200] - Calling windows entry search request plugin
>
> [12/Mar/2014:10:23:56 +0200] - windows_search_entry: received 1 messages, 0
> entries, 0 references
>
> [12/Mar/2014:10:23:56 +0200] NSMMReplicationPlugin - agmt="cn=adsync"
> (hki-dc01:636): map_entry_dn_outbound: entry not found - rc 0
>
> [12/Mar/2014:10:23:56 +0200] - Windows sync entry: Created new remote entry:
>   dn:: Y249VHVvbWFzIFN5cmrDpG5lbiwobnVsbCk=
> objectClass: top
> objectClass: person
> objectClass: organizationalperson
> objectClass: user
> userprincipalname: user1 at example.login
> cn:: VHVvbWFzIFN5cmrDpG5lbg==
> givenName: First
> mail: First.Last at example.com
> sAMAccountName: user1
> accountExpires: 9223372036854775807
> sn:: U3lyasOkbmVu
> telephoneNumber:
> codePage: 0
>
> [12/Mar/2014:10:23:56 +0200] - Attempting to add entry cn=First Last,(null) to
> AD for local entry uid=user1,ou=People,dc=example,dc=com
>
> [12/Mar/2014:10:23:56 +0200] NSMMReplicationPlugin - agmt="cn=adsync"
> (hki-dc01:636): Received result code 34 (0000208F: NameErr: DSID-03100225,
> problem 2006 (BAD_NAME), data 8350, best match of: '(null)' ) for add operation

Ever figure this out?  We're seeing the same problem here.  It was working for 
a while for us and then broke at some point.  Looks like the target ou is 
getting replaced by null at some point.

- Orion


-- 
Orion Poplawski
Technical Manager                     303-415-9701 x222
NWRA, Boulder/CoRA Office             FAX: 303-415-9702
3380 Mitchell Lane                       orion at nwra.com
Boulder, CO 80301                   http://www.nwra.com

More information about the 389-users mailing list