Re: ADAM installed
- From: Javier2893 <Javier2893@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 20 Oct 2006 09:33:02 -0700
Hi Lee,
here is my config file:
<doc>
<configuration>
<description>sample Adamsync configuration file</description>
<security-mode>object</security-mode>
<source-ad-name>MYDC-DC1</source-ad-name>
<source-ad-partition>dc=MYDOMAIN,dc=com</source-ad-partition>
<source-ad-account></source-ad-account>
<account-domain></account-domain>
<target-dn>o=Microsoft,c=US</target-dn>
<query>
<base-dn>dc=MYDOMAIN,dc=com</base-dn>
<object-filter>(objectClass=*)</object-filter>
<attributes>
<include></include>
<exclude>extensionName</exclude>
<exclude>displayNamePrintable</exclude>
<exclude>flags</exclude>
<exclude>isPrivelegeHolder</exclude>
<exclude>msCom-UserLink</exclude>
<exclude>msCom-PartitionSetLink</exclude>
<exclude>reports</exclude>
<exclude>serviceprincipalname</exclude>
<exclude>accountExpires</exclude>
<exclude>adminCount</exclude>
<exclude>primarygroupid</exclude>
<exclude>userAccountControl</exclude>
<exclude>codePage</exclude>
<exclude>countryCode</exclude>
<exclude>logonhours</exclude>
<exclude>lockoutTime</exclude>
</attributes>
</query>
<schedule>
<aging>
<frequency>0</frequency>
<num-objects>0</num-objects>
</aging>
<schtasks-cmd></schtasks-cmd>
</schedule>
</configuration>
<synchronizer-state>
<dirsync-cookie></dirsync-cookie>
<status></status>
<authoritative-adam-instance></authoritative-adam-instance>
<configuration-file-guid></configuration-file-guid>
<last-sync-attempt-time></last-sync-attempt-time>
<last-sync-success-time></last-sync-success-time>
<last-sync-error-time></last-sync-error-time>
<last-sync-error-string></last-sync-error-string>
<consecutive-sync-failures></consecutive-sync-failures>
<user-credentials></user-credentials>
<runs-since-last-object-update></runs-since-last-object-update>
<runs-since-last-full-sync></runs-since-last-full-sync>
</synchronizer-state>
</doc>
I guess it would be a good time to ask you if the sync would be a read only
copy, that is what I am trying to accomplish here.
Thanks
"Lee Flight" wrote:
Hi.
well there is no error there, so it looks like you have made progress on the
naming
context issues. What does your full XML config look like, maybe your
object-filter
is not matching?
As you have been working this out it might be a good idea to run an
ADAMsync /reset on the configuration (and then run /sync with /log )
or just destroy and re-create the ADAM naming context and then
ADAMSync /install and then try the sync.
Lee Flight
"Javier2893" <Javier2893@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:6E5CAFF2-D7F3-4097-B83A-778053CB00A8@xxxxxxxxxxxxxxxx
Hi Lee,
I was able to run the Sync command and here is my output:
Command Prompt>ADAMSync /sync localhost:389 "o=microsoft,c=US" /log -
Adamsync.exe v1.0 (5.2.3790.2075)
Establishing connection to target server localhost:389.
Saving Configuration File on O=Microsoft,C=US
Saved configuration file.
ADAMSync is querying for a writable replica of MYDOMAIN.
Error: DCLocator call failed with an errror 1355. Attempting to bind
directly to string.
Establishing connection to source server MYDC:389.
Using file .\dam43.tmp as a store for deferred dn-references.
Populating the schema cache
Populating the well known objects cache
Starting synchronization frun from dc=mydomain,dc=com.
Starting DirSync Search with object mode security.
Processing Entry: Page 1, Frame 1, Entry 0, Count 0, USN 0
Processing source entry <guid=61c4662cab78f5478c61e92b3b060355>
Previous Entry tool 0 seconds (0, 0) to process
Processing Entry: Page 1, Frame 1, Entry 1, Count 1, USN 0
Processing source entry <guid=86d4d5010361cc48aa6767669e300080>
Previous entry took 0 seconds<15, 0) to process
Updating the configuration file DirSync cookie with a new value.
Beginning processing of deferred dn references.
Finished processing of deferred dn references.
Finished (successful) synchronization run.
Number of entries processed via dirSync: 0
Number of entries processed via ldap: 0
Processing took 0 seconds (0, 1076756480).
Number of object additions: 0
Number of object modifications: 0
Number of object deletions: 0
Number of objects renames: 0
Number of references processed / dropped: 0, 0
Maximum number of attributes seen on a single object: 0
Maximum nymber of values retrieved via range syntax: 0
Beginning agin run.
Aging requested every 0 runs. We last aged 4 runs ago.
Saving configuration file on O=Microsoft,C=US
Saved configuration file.
There are no users on my cn=users folder and it looks like nothing really
sync,
My server hosting my ADAM instance is part of our domain and the account I
used to installed ADAM has enough right to connect to my AD and do what it
has to be done to sync.
Any suggestions about this error?
Thanks,
Javier2893
"Lee Flight" wrote:
Hi
I'm assuming that you have an AD domain dc=mydomain,dc=com
hosted on a DC mydomaincontrollername and that you are
running the /sync with an account that has access to the DC.
I'm guessing your problem is the target-dn that should specify the
naming context in ADAM that you have created so if your ADAM
instance has a naming context o=microsoft,c=us specify that as you
target-dn. Did you create that naming context when running the
ADAM Setup wizard?
From the ADAM Tools Command Prompt
ldifde -f con -s localhost:389 -d "" -p base -l namingContexts
where for 389 substitute your ADAM port number should
show us your naming contexts. Also please post the output
of the /sync with the /log option specified so we can see the full error.
Thanks
Lee Flight
"Javier2893" <Javier2893@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:6C544D06-B6D9-40A5-9D54-BF7D7C7B57EF@xxxxxxxxxxxxxxxx
Hi Lee,
let me give you an example of my settings on the XML file so you can
get
the
picture. The install is as per the guide instructions: Changed the
source-ad-partition and source-ad-name according to your reply and ran
the
sync command again but it failed.
<configuration>
<description>sample Adamsync configuration file</description>
<security-mode>object</security-mode>
<source-ad-name>fabrikam.com</source-ad-name>
changed to mydomaincontrollername
<source-ad-partition>dc=fabrikam,dc=com</source-ad-partition>
changed to dc=mydomain,dc=com
<source-ad-account></source-ad-account>
<account-domain></account-domain>
<target-dn>dc=fabrikam,dc=com</target-dn>
<query>
<base-dn>dc=fabrikam,dc=com</base-dn>
Do I need to change anything on the target-dn and base-dn options?
Also about the Application Directory Partition option, isn't that
option
(default) o=microsoft,c=US when you do the installed?
Hope you can help,
Javier
"Lee Flight" wrote:
Hi
in the example on page 29 of the guide it's assumed that
you have a source AD domain dc=fabrikam,dc=com that you are
sync'ing from into a target naming context o=microsoft,c=us in
an ADAM instance.
So you need to substitute the name of your AD domain in the
<source-ad-partition> and the name of a domain controller
for that domain in <source-ad-name>. You also need to create
the target naming context in ADAM, you can do that when
prompted at the Application Directory Partition page of the
ADAM setup wizard (easiest) or by modifying the example
on p.51 of the guide.
Some good notes on ADAMsync are available here:
http://blogs.technet.com/efleis/archive/tags/Windows/default.aspx
Lee Flight
"Javier2893" <Javier2893@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:8C7A1962-BBDC-4B1B-92A5-D1B396F2531A@xxxxxxxxxxxxxxxx
Hi,
I am new on ADAM and I was reading the step-by step guide, the
install
went
fine.
All I need is to make a read only copy of my ad into an ADAM
instance.
I
was
able to connect to my instance, and I am at the point where I need
to
use
the
Active Directory to ADAM sync tool.
I was able to execute the following two command successfully:
ldifde -i -s localhost -c CN=Configuration,DC=X
#ConfigurationNamingContext
-f MS-AdamSchemaW2k3.ldf
ldifde -i -s localhost:389 -c CN=Configuration,DC=X
#ConfigurationNamingContext -f MS-AdamSyncMetadata.ldf
However when I tried to do the ADAMSync /install localhost:389
%windir%\ADAM\MS-AdamSyncConf.xml command it came back with
following
error:
LDAP error occurred. ladap_get_next_page_s: Operations error.
Extended Info: 000020D6: SvcErr: DSID-0310072B, Problem 5012
(DIR_ERROR),
data 0
Have you guys seen this error before, the only thing that comes to
mind
is
that my settings on the XML file are wrong. Kind of confuse about
the
target
source.
I used the defautl settings o=Microsoft, c=US for my partition.
<source-ad-name>SeattleDC1</source-ad-name>.
<source-ad-partition>dc=fabrikam,dc=com</source-ad-partition>.
<source-ad-account>administrator</source-ad-account>.
<account-domain>fabrikam.com</account-domain>.
<target-dn>o=microsoft,c=US</target-dn>.
<base-dn>dc=fabrikam,dc=com</base-dn>.
Any help would be appreciated.
Thanks
- Follow-Ups:
- Re: ADAM installed
- From: Javier2893
- Re: ADAM installed
- References:
- Re: ADAM installed
- From: Lee Flight
- Re: ADAM installed
- From: Javier2893
- Re: ADAM installed
- From: Lee Flight
- Re: ADAM installed
- From: Javier2893
- Re: ADAM installed
- From: Lee Flight
- Re: ADAM installed
- Prev by Date: Using Ldifde to mail enable a user.
- Next by Date: Re: Where did Power Users go?
- Previous by thread: Re: ADAM installed
- Next by thread: Re: ADAM installed
- Index(es):
Relevant Pages
|
