Re: ADAM installed
- From: "Lee Flight" <lef@xxxxxxxxxxxxxxx>
- Date: Thu, 9 Nov 2006 10:15:39 -0000
Hi
yes just as you would for the MS-AdamSchemaW2k3.ldf but with
your ldf.
Lee Flight
"Javier2893" <Javier2893@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:925CC464-0293-43E6-AAE9-74BD93F7334C@xxxxxxxxxxxxxxxx
Do you mean importing the ldif file using the following command?
ldifde -i -u -f r3-schema.ldf -s server:port -b username domain
password -j
. -c "cn=Configuration,dc=X" #configurationNamingContext
Will this step extend my ADAM schema to match my AD's??
Thanks,
Javier
"Lee Flight" wrote:
Hi
rather than MS-AdamSchemaW2k3.ldf you want the ldf that you created
using ADSchemaAnalyzer to get your ADAM schema to match your AD
schema.
Lee Flight
"Javier2893" <Javier2893@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:EB9AD172-3039-4F20-90CC-EB4300E0F222@xxxxxxxxxxxxxxxx
Hi Lee,
I just created my ldif file as per the user guide on page 27, I am
moving
on
to page 28 To use Active Directory to ADAM Synchronizer for the first
time:
To extend the ADAM schema to match the default Windows Server 2003
schema:
ldifde -i -s localhost -c CN=Configuration,DC=X
#ConfigurationNamingContext
-f MS-AdamSchemaW2k3.ldf
ldifde -i -s localhost:389 -c CN=Configuration,DC=X
#ConfigurationNamingContext -f MS-AdamSyncMetadata.ldf
Do I have to modify any parameters on the commands stated above or just
run
them?
I am documenting this process, sorry about the dum questions.
Thanks,
Javier
"Lee Flight" wrote:
Hi
Yes, the DC is your "target" (what you want to get to) and the ADAM
instance
your "base" (where you are starting from).
Once you have that LDF file you can use it to extend your schema
together
with the MS-AdamSyncMetadata.ldf; you must apply both ldf files, the
order
is not critical.
Lee Flight
"Javier2893" <Javier2893@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:80446BDF-612F-444E-81EE-782FC9A63291@xxxxxxxxxxxxxxxx
Hi Lee,
As I was saying I am restarting the process on a clean computer now,
before
I go any further I would like to ask you about page 27 "how to
create
and
LDIF file with ADSchemaAnalizer". If this is true which would it be
my
taget
schema, the ADAM instance or the Windows 2003 domain controller.
Is it a requirement to create the LDIF file and imported to your
ADAM
instance before extending your ADAM schema??
Thanks,
Javier
"Lee Flight" wrote:
Hi
apologies I missed your post.
ADAM SP1 has version 1.1.3790.2075 on the dsamain.exe and
adamdsa.dll
in %windir%\adam. If you want to use ADAMSync then ADAM SP1 is
required as that is the first supported release of ADAMSync (also
1.1.3790.2075).
Note that version of ADAMSync is good for sync from W2K3 AD be it
W2K3
SP1
or the R2 release of W2K3.
Lee Flight
"Javier2893" <Javier2893@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:712CC128-1789-4552-95E6-74E5090F70F9@xxxxxxxxxxxxxxxx
Hi Lee,
sorry to bother you again, I was wondering if you had the chance
to
see
my
last post?
Thanks
Javier2893
"Lee Flight" wrote:
Hi
If you exported your AD schema using ADSchemaAnalyzer then the
Exchange schema extensions should have been picked up.
Reviewing this thread it looks like you used
MS-AdamSchemaW2k3.ldf
so before rebuilding make sure you get a copy of your AD schema;
this newsgroup for notes on using ADSchemaAnalyzer.
After a successful sync the copy will be read and write
(although
any
write
to
the ADAM copy does not go back to AD as the sync is one-way).
You
can restrict writing by adjusting the security of the ADAM
instance,
the
default
is quite restrictive.
Lee Flight
"Javier2893" <Javier2893@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:61379731-BB5A-4242-838A-3131AB9F713D@xxxxxxxxxxxxxxxx
Thanks,
I'll play around with it and see if I can catch anything?
Does having exchange install on that AD changes anything?
Also if the install and sync are successfull the copy would be
read
only
or
people will be able to modify objects in ADAM?
Really appreciate your help,
Javier2893
"Lee Flight" wrote:
Hi
I cannot see anything obviously wrong. The account you are
using
for the sync can see objects in the AD right?
I think my next step would be to delete and then recreate the
ADAM naming context and then re-run the adamsync /install.
For a full clean start reinstall the ADAM instance and
re-trace
your
steps is probably quickest. Having done that make sure you
run
the /sync with /log so we can see your progress.
Thanks
Lee Flight
"Javier2893" <Javier2893@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:7E2D34F9-11AA-46E7-AB03-FBB0EF0A103D@xxxxxxxxxxxxxxxx
Hi Lee,
as per your information I ran the ADAMSync reset option and
re
run
the
sync
again, I was able to see the command executing and going to
so
many
options.
but nothing seems to be sync. Below is the copy of my
config
file.
Could
you
take a look at it and let me know if you see something
wrong
with
it?
Thanks,
Javier
"Javier2893" wrote:
Hi Lee,
here is my config file:
<doc>
<configuration>
<description>sample Adamsync configuration
file</description>
<security-mode>object</security-mode>
<source-ad-name>MYDC-DC1</source-ad-name>
<source-ad-partition>dc=MYDOMAIN,dc=com</source-ad-partition>
<source-ad-account></source-ad-account>
<account-domain></account-domain>
<target-dn>o=Microsoft,c=US</target-dn>
<query>
<base-dn>dc=MYDOMAIN,dc=com</base-dn>
<object-filter>(objectClass=*)</object-filter>
<attributes>
<include></include>
<exclude>extensionName</exclude>
<exclude>displayNamePrintable</exclude>
<exclude>flags</exclude>
<exclude>isPrivelegeHolder</exclude>
<exclude>msCom-UserLink</exclude>
<exclude>msCom-PartitionSetLink</exclude>
<exclude>reports</exclude>
<exclude>serviceprincipalname</exclude>
<exclude>accountExpires</exclude>
<exclude>adminCount</exclude>
<exclude>primarygroupid</exclude>
<exclude>userAccountControl</exclude>
<exclude>codePage</exclude>
<exclude>countryCode</exclude>
<exclude>logonhours</exclude>
<exclude>lockoutTime</exclude>
</attributes>
</query>
<schedule>
<aging>
<frequency>0</frequency>
<num-objects>0</num-objects>
</aging>
<schtasks-cmd></schtasks-cmd>
</schedule>
</configuration>
<synchronizer-state>
<dirsync-cookie></dirsync-cookie>
<status></status>
<authoritative-adam-instance></authoritative-adam-instance>
<configuration-file-guid></configuration-file-guid>
<last-sync-attempt-time></last-sync-attempt-time>
<last-sync-success-time></last-sync-success-time>
<last-sync-error-time></last-sync-error-time>
<last-sync-error-string></last-sync-error-string>
<consecutive-sync-failures></consecutive-sync-failures>
<user-credentials></user-credentials>
<runs-since-last-object-update></runs-since-last-object-update>
<runs-since-last-full-sync></runs-since-last-full-sync>
</synchronizer-state>
</doc>
I guess it would be a good time to ask you if the sync
would
be
a
read
only
copy, that is what I am trying to accomplish here.
Thanks
"Lee Flight" wrote:
Hi
well there is no error there, so it looks like you have
made
progress
on the
naming
context issues. What does your full XML config look
like,
maybe
your
object-filter
is not matching?
As you have been working this out it might be a good
idea
to
run
an
ADAMsync /reset on the configuration (and then run /sync
with
/log )
or just destroy and re-create the ADAM naming context
and
then
ADAMSync /install and then try the sync.
Lee Flight
"Javier2893" <Javier2893@xxxxxxxxxxxxxxxxxxxxxxxxx>
wrote
in
message
news:6E5CAFF2-D7F3-4097-B83A-778053CB00A8@xxxxxxxxxxxxxxxx
Hi Lee,
I was able to run the Sync command and here is my
output:
Command Prompt>ADAMSync /sync localhost:389
"o=microsoft,c=US"
/log -
Adamsync.exe v1.0 (5.2.3790.2075)
Establishing connection to target server
localhost:389.
Saving Configuration File on O=Microsoft,C=US
Saved configuration file.
ADAMSync is querying for a writable replica of
MYDOMAIN.
Error: DCLocator call failed with an errror 1355.
Attempting
to
bind
directly to string.
Establishing connection to source server MYDC:389.
Using file .\dam43.tmp as a store for deferred
dn-references.
Populating the schema cache
Populating the well known objects cache
Starting synchronization frun from dc=mydomain,dc=com.
Starting DirSync Search with object mode security.
Processing Entry: Page 1, Frame 1, Entry 0, Count 0,
USN
0
Processing source entry
<guid=61c4662cab78f5478c61e92b3b060355>
Previous Entry tool 0 seconds (0, 0) to process
Processing Entry: Page 1, Frame 1, Entry 1, Count 1,
USN
0
Processing source entry
<guid=86d4d5010361cc48aa6767669e300080>
Previous entry took 0 seconds<15, 0) to process
.
- Follow-Ups:
- Re: ADAM installed
- From: Javier2893
- Re: ADAM installed
- From: Javier2893
- Re: ADAM installed
- References:
- Re: ADAM installed
- From: Javier2893
- Re: ADAM installed
- From: Lee Flight
- Re: ADAM installed
- From: Javier2893
- Re: ADAM installed
- From: Lee Flight
- Re: ADAM installed
- From: Javier2893
- Re: ADAM installed
- From: Lee Flight
- Re: ADAM installed
- From: Javier2893
- Re: ADAM installed
- Prev by Date: Re: Migration Steps?
- Next by Date: Re: Overlap subnets in AD sites and Services
- Previous by thread: Re: ADAM installed
- Next by thread: Re: ADAM installed
- Index(es):
Relevant Pages
|
Loading
