Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Synchronizing existing users between AD and Identity Vault

Posted on 2007-11-15
2
Medium Priority
?
2,345 Views
Last Modified: 2008-02-01
I am currently testing OES 2 running on SLES10.1. I have installed Identity Manager 3.51 on the OES machine running as the metadirectory server. My connected system is Windows 2003 Server R2. I am unable to synchronize existing users, but if I create a new user in either AD or Edir the user is replicated to the other connected system.

Below is the error:

Message 1:
Thu Nov 15 14:17:08 SAST 2007
Warning
No description provided.
Code(-8003) Unable to synchronize reference to \TEST_TREE\testou\admin from attribute Owner.

Message 2:
Thu Nov 15 14:17:08 SAST 2007
Warning
No description provided.
Code(-8003) Unable to synchronize reference to \TEST_TREE\testou\users\testuser from attribute Member.

Message 6:
Thu Nov 15 14:17:08 SAST 2007
Warning
<status level="warning">Code(-8017) Operation vetoed by object creation policy.<application>DirXML</application>
      <module>Active Directory</module>
      <object-dn>\TEST_TREE\testou\users\testuser</object-dn>
      <component>Subscriber</component>
</status>
\TEST_TREE\testou\users\testuser

Any ideas ?
0
Comment
Question by:dielem10
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 19

Accepted Solution

by:
alextoft earned 1000 total points
ID: 20293191
Firstly, ignore the "unable to sync reference" warnings. The problem is in the veto message. Have a look at your creation policies and work through them, examine the rules to see what is veto'd and why.

As I remember, IDM 3.5 will veto create operations if a user does not have the universal password populated in eDir. If you're trying to export a pre-existing user, this may well be the case. Have you setup the Universal Password policies correctly?

Alternatively, up your trace level to 5 in order to get a more detailed log output.
0
 

Author Comment

by:dielem10
ID: 20296511
Thanks. I thought the universal password for the user was set, but I was wrong. Once I set it, it all worked fine.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

WooCommerce is becoming the most powerful e-commerce plugin for Wordpress. And why not. The platform comprises of numerous core plugins that may come in handy, powerful options to make your website development task much easier.
Let's take a look into the basics of ransomware—how it spreads, how it can hurt us, and why a disaster recovery plan is important.
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question