AD 2003 use the mssfu30 scheme not the rfc scheme. Is the posix_winsync_plugin active? There is a config attribute to set for this old scheme.
Am 18.10.12, schrieb Juan Asensio Sánchez <oke...@gmail.com>: > Hi > > Using 389DS 1.2.5 on CentOS 5.5 i385, I need to sync users and groups > from 389DS to Active Directory (Windows Server 2003). I the 389DS side > I have this: > > dn: cn=ALERGIAS_gestion,ou=Groups,o=XXXX,dc=XXXX,dc=es > objectClass: groupOfNames > objectClass: groupOfUniqueNames > objectClass: ntGroup > objectClass: posixGroup > objectClass: sambaGroupMapping > objectClass: top > cn: ALERGIAS_gestion > gidNumber: 130541 > ntUserDomainId: ALERGIAS_gestion > sambaGroupType: 2 > sambaSID: S-1-5-21-2896031208-2582234988-3810615631-261845 > description: Personal de D.GESTION de ALERGIAS del XXXX > displayName: Personal de D.GESTION de ALERGIAS del XXXXX > ntGroupCreateNewGroup: true > ntGroupDeleteGroup: true > ou: ou=ALERGIAS,ou=PERIFERICA,ou=D. GESTION,o=XXXX,dc=XXXX,dc=es > > Base DS subtree in the replication agreement is o=XXXX,dc=XXXX,dc=es, > and Windows Subtree is "ou=XXXX,ou=LDAP,dc=pruebas,dc=local", so I had > to create manually the OUs > "ou=People,ou=XXXX,ou=LDAP,dc=pruebas,dc=local" and > "ou=Groups,ou=XXXX,ou=LDAP,dc=pruebas,dc=local" (user sync works > fine). When I try to sync data, doing a full re-syncronization from > the console, I get tjis werror when the server is going to sync the > group: > > > [18/Oct/2012:13:09:58 +0200] NSMMReplicationPlugin - > agmt="cn=XXXXX-LDAPPruebas-WinAD" (grsgscvant01f6:636): > windows_process_total_entry: Looking > dn="cn=ALERGIAS_gestion,ou=Groups,o=XXXXX,dc=XXXXX,dc=es" (ours) > [18/Oct/2012:13:09:58 +0200] NSMMReplicationPlugin - > agmt="cn=XXXXX-LDAPPruebas-WinAD" (grsgscvant01f6:636): > map_entry_dn_outbound: looking for AD entry for DS > dn="cn=ALERGIAS_gestion,ou=Groups,o=XXXXX,dc=XXXXX,dc=es" > guid="(null)" > [18/Oct/2012:13:09:58 +0200] NSMMReplicationPlugin - > agmt="cn=XXXXX-LDAPPruebas-WinAD" (grsgscvant01f6:636): > map_entry_dn_outbound: looking for AD entry for DS > dn="cn=ALERGIAS_gestion,ou=Groups,o=XXXXX,dc=XXXXX,dc=es" > username="ALERGIAS_gestion" > [18/Oct/2012:13:09:58 +0200] - Calling windows entry search request plugin > [18/Oct/2012:13:09:58 +0200] - windows_search_entry: recieved 1 > messages, 0 entries, 0 references > [18/Oct/2012:13:09:58 +0200] NSMMReplicationPlugin - > agmt="cn=XXXXX-LDAPPruebas-WinAD" (grsgscvant01f6:636): > map_entry_dn_outbound: entry not found - rc 0 > [18/Oct/2012:13:09:58 +0200] - Windows sync entry: Created new remote entry: > dn: cn=ALERGIAS_gestion,ou=Groups,ou=XXXXX,ou=LdapPeople,dc=pruebas,dc=local > objectClass: top > objectClass: group > sAMAccountName: ALERGIAS_gestion > ou: ou=ALERGIAS,ou=PERIFERICA,ou=D. GESTION,o=XXXXX,dc=XXXXX,dc=es > description: Personal de D.GESTION de ALERGIAS del XXXXX > > [18/Oct/2012:13:09:58 +0200] - Attempting to add entry > cn=ALERGIAS_gestion,ou=Groups,ou=XXXXX,ou=LdapPeople,dc=pruebas,dc=local > to AD for local entry > cn=ALERGIAS_gestion,ou=Groups,o=XXXXX,dc=XXXXX,dc=es > [18/Oct/2012:13:09:58 +0200] NSMMReplicationPlugin - > agmt="cn=XXXXX-LDAPPruebas-WinAD" (grsgscvant01f6:636): Received > result code 65 (0000207D: UpdErr: DSID-03150F9C, problem 6002 > (OBJ_CLASS_VIOLATION), data 0 ) for add operation > [18/Oct/2012:13:09:58 +0200] NSMMReplicationPlugin - > agmt="cn=XXXXX-LDAPPruebas-WinAD" (grsgscvant01f6:636): > windows_replay_update: Cannot replay add operation. > [18/Oct/2012:13:09:58 +0200] NSMMReplicationPlugin - > agmt="cn=XXXXX-LDAPPruebas-WinAD" (grsgscvant01f6:636): Beginning > linger on the connection > [18/Oct/2012:13:09:58 +0200] NSMMReplicationPlugin - > agmt="cn=XXXXX-LDAPPruebas-WinAD" (grsgscvant01f6:636): > windows_tot_run: failed to obtain data to send to the consumer; LDAP > error - 1 > > It looks like trying to create a group (objectClass group), but with > user attributes (sAMAccountName)... Any idea? Is the source group bad > created? > > Regards and thanks in advance. > -- > 389 users mailing list > 389-us...@lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/389-users > -- Carsten Grzemba
-- 389 users mailing list 389-us...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
