Active Directory and 10.8 Server: Can't add users

Similar Messages

• Active Directory and OS X Server working together?

  Hi Guys,
  I work at a small company with around 200 users and we have a mix of windows, ubuntu and OS X. We are two ppl that manages all computers and servers and recently we had a large amount of new Mac users.
  We bind all our computers to AD with our own scrip the installation and binding is fine. But after we are done and when we have given our user their new laptop we are struck with the feeling of "lack of control" and we can't help or administrate our Mac's.
  My Question is:
  What would I benefit from a OS X Server? If I decide to install one

  You have a lot of management options. 
  You can use OS X Server and configured what has become known as the magic triangle.  In this method, you bind all of your Macs to both the AD domain and the OD (OS X Server) domain.  You then use the OD domain to create management groups and use MXC (managed client OS X) to establish the equivalent or group policy.  In this method, you make no modifications to AD, work with native tools, and have a highly customization management solution.  Ah, but here is the drawback...  Apple is depreciating MCX in favor of Configuration Profiles.
  So, if you are supporting only Lion or higher, you can opt to embrace profiles now.  The problem is that under Lion, Profiles are not a complete port of MCX as profiles are weighted toward iOS right now.  The writing is on the wall that this will change with the next OS release and desktop profile management will be more complete.  Download a copy of Apple Configurator from the App store to get started.  Or you can use OS X Server and launch the Profile Manager service to allow for push delivery of new profiles.
  Now, if you are over 50 Macs or you have a blend of employee and employer owned devices, you might want to look into a management solution.  I would suggest checking out JAMF as this will delivery everything you are imagining and then some. 
  There are other options also, such as schema modification, Absolute Manage, and some Windows centric tools that claim to manage Macs (Altiris has been claiming to have a Mac client for years but I've never actually seen it).
  I suggest that you consider what your needs are regarding continued management.  This decison should consider the ownership of the devices, what compliance you are trying to satisfy, the sensitivity of the data that is on the units, their portability, and what type of tracking you require.

• Mac os x wiki server can't authenticate user password from active directory recently after we upgraded to windows 2008 server.

  after upgraded to windows 2008 server, our  mac os x wiki server can't authenticate user password anymore. How can I re-bind the wiki server to the AD again? thanks in advance.

  Solved it by deleting the user and creating a new one with the same userID.
  Maybe it occured because I marked the "user has to change password after first login" box when resetting the password but didn't yet allow him to do so in the webpages menu?!?

• Cannot install Active Directory Domain Services on Server 2012 R2

  Hi all,
  I'm having some trouble installing the AD DS role onto my virtual server. I keep getting "The request to add or remove features on the specified server failed. The operation cannot be completed because the server that you specified requires a restart."
  After the install fails the DFS Namespace service stops and I cannot refresh the server manager. 
  This server is currently dishing out DHCP and also has VIPRE anti virus on it. 
  I did a ton of research on the problem but can not find anything specific to this issue.
  Any help would be greatly appreciated. Thanks!

  Hi Dave,
  I ran the DISM.EXE/Online/Cleanup-image/Restorehealth command and Windows did not find any corruption. 
  I then attempted to install active directory and was greeted with the same errors as I expressed in my first post. 
  I ran the DISM.EXE/Online/Cleanup-image/Restorehealth command again and windows found corruption and fixed the corruption. 
  I tried to install active directory again (was able to refresh the server manager at this point and did not need to reboot the server to attempt another install, maybe that is the corruption windows fixed?) but it failed.... with the same errors I always
  get. 
  The active directory install always freezes on 64% and then bombs out. 
  I shutdown the VM and rebooted... before the login screen Windows attempts to configure updates but fails. Could this be the cause?
  Thank you,
  -Matt

• Microsoft Exchange Server 2013 Cumulative Update 7 Setup - Active Directory Topology service on server 'TopologyClientTcpEndpoint (localhost)' returned an error - Set-SharedConfigDC

  What am I trying to do?
  I have tried installing Microsoft Exchange Server 2013 Cumulative Update 7 Setup on a fresh install of Windows Server 2012 R2 but it gets stuck when running the setup exe on Step 8 of 14 “Mailbox Transport Service” I have included full
  error logs at the bottom of the page but the basics are in order it will throw which loop around are:
  [01/20/2015 17:13:20.0084] [2] Beginning processing Set-SharedConfigDC
  [01/20/2015 17:13:20.0178] [2] The call to Microsoft Exchange Active Directory Topology service on server 'TopologyClientTcpEndpoint (localhost)' returned an error. Error details No Minimal Required Number of Suitable Directory Servers
  Found in Forest mydomain.com Site Default-First-Site and connected Sites..
  [01/20/2015 17:13:20.0178] [2] No Minimal Required Number of Suitable Directory Servers Found in Forest mydomain.com Site Default-First-Site and connected Sites.
  Exchange is currently running in the envirmonet on 2010 Sp3 I am installing 2013 CU7 fresh so I can migrate the databases over.
  What am I running?
  2 X DC on domain and forest functional level 2008R2 both writable
  1 X fresh install of Windows 2012 R2 which is domain joined
  What have I tried?
  Checked Ipv6 is enabled on all DC NICS and Existing Exchange Servers
  Rebooted every server
  Run setup as Administrator
  My account is part of the domain Enterprise Admin group
  Tried adding "Exchange Server" or "Exchange Enterprise Servers" to the group policy and doing the relevant gpupdate /force and reboot :
  Computer Configuration Windows Settings
  Security Settings + Local Policies
  User Rights Assignment Mange auditing and security log
  Turned off firewall on DC and Exchange Server even stopped the service
  Turned off all AV on the DC and Exchange Server
  Checked I could telnet to global catalog servers on port 3268 which I can
  Checked the global catalog records existed in DNS which they all do
  Done the obvious ping tests all round which confirms connectivity
  Schema has been prepared using appropriate commands before running the setup exe
  setup.exe /PrepareSchema /IacceptExchangeServerLicenseTerms
  Making sure the following path has full permissions:
  EXCHANGE14:\Current\Release\Shared\Datacenter\Setup
  Restarted Microsoft Exchange Active Directory Topology service
  DcDiag all looks good
  What have I noticed that is suspicious?
  Microsoft Exchange Transport service will not start even though both of its dependences services have started:
  Microsoft Filtering Management Service
  Microsoft Exchange Active Directory Topology Service
  It will eventually error with
  “Windows could not start the Microsoft Exchange Transport Service on local computer
  Error 1053: This Service did not respond to the start of control request in a timely fashion”
  This error is from the GUI wizard itself:
  Error:
  The following error was generated when "$error.Clear();
  $maxWait = New-TimeSpan -Minutes 8
  $timeout = Get-Date;
  $timeout = $timeout.Add($maxWait);
  $currTime = Get-Date;
  $successfullySetConfigDC = $false;
  while($currTime -le $timeout)
  $setSharedCDCErrors = @();
  try
  Set-SharedConfigDC -DomainController $RoleDomainController -ErrorVariable setSharedCDCErrors -ErrorAction SilentlyContinue;
  $successfullySetConfigDC = ($setSharedCDCErrors.Count -eq 0);
  if($successfullySetConfigDC)
  break;
  Write-ExchangeSetupLog -Info ("An error ocurred while setting shared config DC. Error: " + $setSharedCDCErrors[0]);
  catch
  Write-ExchangeSetupLog -Info ("An exception ocurred while setting shared config DC. Exception: " + $_.Exception.Message);
  Write-ExchangeSetupLog -Info ("Waiting 30 seconds before attempting again.");
  Start-Sleep -Seconds 30;
  $currTime = Get-Date;
  if( -not $successfullySetConfigDC)
  Write-ExchangeSetupLog -Error "Unable to set shared config DC.";
  " was run: "System.Exception: Unable to set shared config DC.
  at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target, Boolean reThrow, String helpUrl)
  at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target)
  at Microsoft.Exchange.Management.Deployment.WriteExchangeSetupLog.InternalProcessRecord()
  at Microsoft.Exchange.Configuration.Tasks.Task.<ProcessRecord>b__b()
  at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)".
  Exchange logs which have been written:
  **The error will loop around for 8 minutes on trying to set-sharedconfig DC whatever this is trying to do ??
  [01/20/2015 17:13:20.0084] [2] Active Directory session settings for 'Set-SharedConfigDC' are: View Entire Forest: 'True', Configuration Domain Controller:mydomain.com', Preferred Global Catalog: 'mydomain.com', Preferred Domain Controllers:
  '{ mydomain.com}'
  [01/20/2015 17:13:20.0084] [2] User specified parameters: 
  -DomainController:mydomain.com' -ErrorVariable:'setSharedCDCErrors' -ErrorAction:'SilentlyContinue'
  [01/20/2015 17:13:20.0084] [2] Beginning processing Set-SharedConfigDC
  [01/20/2015 17:13:20.0178] [2] The call to Microsoft Exchange Active Directory Topology service on server 'TopologyClientTcpEndpoint (localhost)' returned an error. Error details No Minimal Required Number of Suitable Directory Servers
  Found in Forest mydomain.com Site Default-First-Site and connected Sites..
  [01/20/2015 17:13:20.0178] [2] No Minimal Required Number of Suitable Directory Servers Found in Forest mydomain.com Site Default-First-Site and connected Sites.
  [01/20/2015 17:13:20.0178] [2] The call to Microsoft Exchange Active Directory Topology service on server 'TopologyClientTcpEndpoint (localhost)' returned an error. Error details No Minimal Required Number of Suitable Directory Servers
  Found in Forest mydomain.com Site Default-First-Site and connected Sites..
  [01/20/2015 17:13:20.0178] [2] No Minimal Required Number of Suitable Directory Servers Found in Forest mydomain.com Site Default-First-Site and connected Sites.
  [01/20/2015 17:13:20.0178] [2] Ending processing Set-SharedConfigDC
  [01/20/2015 17:13:20.0193] [2] Beginning processing Write-ExchangeSetupLog
  [01/20/2015 17:13:20.0193] [2] An error ocurred while setting shared config DC. Error: The call to Microsoft Exchange Active Directory Topology service on server 'TopologyClientTcpEndpoint (localhost)' returned an error. Error details
  No Minimal Required Number of Suitable Directory Servers Found in Forest mydomain.com Site Default-First-Site and connected Sites..
  [01/20/2015 17:13:20.0193] [2] Ending processing Write-ExchangeSetupLog
  [01/20/2015 17:13:20.0193] [2] Beginning processing Write-ExchangeSetupLog
  [01/20/2015 17:13:20.0193] [2] Waiting 30 seconds before attempting again.
  [01/20/2015 17:13:20.0193] [2] Ending processing Write-ExchangeSetupLog
  [01/20/2015 17:13:50.0195] [2] Beginning processing Write-ExchangeSetupLog
  [01/20/2015 17:13:50.0273] [2] [ERROR] Unable to set shared config DC.
  [01/20/2015 17:13:50.0273] [2] [ERROR] Unable to set shared config DC.
  [01/20/2015 17:13:50.0288] [2] Ending processing Write-ExchangeSetupLog
  [01/20/2015 17:13:50.0288] [1] The following 1 error(s) occurred during task execution:
  [01/20/2015 17:13:50.0288] [1] 0.  ErrorRecord: Unable to set shared config DC.
  [01/20/2015 17:13:50.0288] [1] 0.  ErrorRecord: System.Exception: Unable to set shared config DC.
     at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target, Boolean reThrow, String helpUrl)
     at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target)
     at Microsoft.Exchange.Management.Deployment.WriteExchangeSetupLog.InternalProcessRecord()
     at Microsoft.Exchange.Configuration.Tasks.Task.<ProcessRecord>b__b()
     at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)
  [01/20/2015 17:13:50.0288] [1] [ERROR] The following error was generated when "$error.Clear();
  $maxWait = New-TimeSpan -Minutes 8
  $timeout = Get-Date;
  $timeout = $timeout.Add($maxWait);
  $currTime = Get-Date;
  $successfullySetConfigDC = $false;
  while($currTime -le $timeout)
  $setSharedCDCErrors = @();
  try
  Set-SharedConfigDC -DomainController $RoleDomainController -ErrorVariable setSharedCDCErrors -ErrorAction SilentlyContinue;
  $successfullySetConfigDC = ($setSharedCDCErrors.Count -eq 0);
  if($successfullySetConfigDC)
  break;
  Write-ExchangeSetupLog -Info ("An error ocurred while setting shared config DC. Error: " + $setSharedCDCErrors[0]);
  catch
  Write-ExchangeSetupLog -Info ("An exception ocurred while setting shared config DC. Exception: " + $_.Exception.Message);
  Write-ExchangeSetupLog -Info ("Waiting 30 seconds before attempting again.");
  Start-Sleep -Seconds 30;
  $currTime = Get-Date;
  if( -not $successfullySetConfigDC)
  Write-ExchangeSetupLog -Error "Unable to set shared config DC.";
          " was run: "System.Exception: Unable to set shared config DC.
     at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target, Boolean reThrow, String helpUrl)
     at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target)
     at Microsoft.Exchange.Management.Deployment.WriteExchangeSetupLog.InternalProcessRecord()
     at Microsoft.Exchange.Configuration.Tasks.Task.<ProcessRecord>b__b()
     at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)".
  [01/20/2015 17:13:50.0288] [1] [ERROR] Unable to set shared config DC.
  [01/20/2015 17:13:50.0288] [1] [ERROR-REFERENCE] Id=AllADRolesCommonServiceControl___ee47ab1c06fb47919398e2e95ed99c6c Component=EXCHANGE14:\Current\Release\Shared\Datacenter\Setup
  [01/20/2015 17:13:50.0288] [1] Setup is stopping now because of one or more critical errors.
  [01/20/2015 17:13:50.0288] [1] Finished executing component tasks.
  [01/20/2015 17:13:50.0304] [1] Ending processing Install-BridgeheadRole
  Windows Event Viewer:
  Process Microsoft.Exchange.Directory.TopologyService.exe (PID=5276) Forest mydomain.com. Exchange Active Directory Provider couldn't find minimal required number of suitable Global Catalog servers
  in either the local site 'Default-First-Site' or the following sites:

  Hi apl228,
  1. Please make sure the IPv6 is enabled.
  2. Please make sure the account that install Exchange server has Administrator permission.
  3. Please make sure DNS has been configured correctly.
  Thanks
  Mavis Huang
  TechNet Community Support

• 10.6 home directory mounting with active directory and open directory integration

  Hi guys i am having some issues in my new mac environment. I have a windows network with an server 2008 active directory. I have just recentlly created a "magic triangle" setup with active directory and open directory. When my users login via windows their home folders mount perfect. When any user logs in to any iMac in the building it does not work. They login perfectly fine, but their home folders do not mount. When i try mounting them manually with smb, i get a prompt for credentials. I am thinking this is my issue, my Single sign on with kerbos is working but for some reason is not logging in correctly. If i type in my credentials with my domain first then my name it works.
  For example DOMAIN\jsmith works, but the way i think the mac and active directory is doing it now is just jsmith without the DOMAIN.
  I feel like this is the problem with the home folders not mounting.
  Can anyone provide some help with this?
  Thanks,
  Dani

  Hi dani190,
  are you using the fully qualified domain name of the network server? ie if your server is bob. and your domain is domain.company.com. then the FQDNS would typically be bob.domain.company.com or bob.company.com.
  If the FQDNS works, then have you checked in the AD to make sure the path to the network home folder uses the FQDNS?
  For the contact search path, did you put the AD at the top the list? (in directory utility)
  Did you set the WINS work group on your client computer to your domain?
  ie:Apple Menu, System Preferences, Network, Active Network Port (ethernet and or airport) , Advanced Button, WINS Tab, set workgroup to the name of your domain. ie domain.company.com and or company.com

• How to manage Active directory and tools to manage Active Directory

  How to manage Active directory and which tools we use?

  You can use Microsoft Active Directory management tools:
  http://technet.microsoft.com/en-us/library/aa998508(EXCHG.65).aspx
  http://technet.microsoft.com/en-us/library/aa998508(EXCHG.65).aspx
  erview of Server Message Block signing
  http://support.microsoft.com/kb/887429/en-us
  Remote Server Administration Tools for Windows 7:
  http://www.microsoft.com/downloads/details.aspx?FamilyID=7d2f6ad7-656b-4313-a005-4e344e43997d&displaylang=en
  AD Admin Center:
  http://technet.microsoft.com/en-us/library/dd560651(WS.10).aspx
  http://technet.microsoft.com/en-us/library/dd560652(WS.10).aspx
  Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA, Network+ Houston, TX http://blogs.sivarajan.com/ http://publications.sivarajan.com/ This posting is provided "AS IS" with no warranties, and confers no rights.

• Active Directory and many OUs

  Hello all,
  This topic might have been talked about before but after a lot of searching I still have not found a solution, so I ask for a bit of help.
  In our Active Directory there are many OUs where users are kept. There is no one top OU where you can start your search. I don't really know why it was set up this way and I don't have an option to change that. I would really like to have ou=users like most have!
  So when I try to authenticate a user (I'm installing DSpace in my uni) I cannot automatically add the OU for the user trying to log in and the users themselves don't know their OU (well, why would they!).
  I'm hoping there is some simple solution to this. Maybe JNDI API allows for searching in many OUs at the same time (some fixed list in the code)? Or maybe the OU is not needed at all in the search?
  Any help/hints would be appreciated.
  best regards, Logi

  For searching, you can issue a subtree search will search through the entire subtree, irrespective of how many levels of OU's may exist, by using SearchControls.SUBTREE_SCOPE
  Have a look at the tutorial at http://java.sun.com/products/jndi/tutorial/basics/directory/scope.html
  For authentication, you can either get the user to enter their:
  distinguished name
  (cn=Albert Eirnstein, ou=Research,dc=Antipodes,dc=com), although that is not entirely user friendly
  their NT style logon name (samAccountName)
  ANTIPODES\alberte, more user friendly,
  or their Windows 200 style logon name (userPrincipalName),
  [email protected], equally as user friendly.
  You may also want to look at some of the following posts:
  JNDI, Active Directory and Authentication (Part 1) (Kerberos)
  http://forum.java.sun.com/thread.jspa?threadID=579829&tstart=300
  JNDI, Active Directory & Authentication (part 2) (SSL)
  http://forum.java.sun.com/thread.jspa?threadID=581425&tstart=50
  JNDI, Active Directory & Authentication (part 3) (Digest-MD5)
  http://forum.java.sun.com/thread.jspa?threadID=581868&tstart=150
  JNDI, Active Directory & Authentication (part 4) (SASL EXTERNAL)
  http://forum.java.sun.com/thread.jspa?threadID=641047&tstart=0
  JNDI, Active Directory and Authentication (part 5, LDAP Fastbinds)
  http://forum.java.sun.com/thread.jspa?threadID=726601&tstart=0
  JNDI, Active Directory, Referrals and Global Catalog
  http://forum.java.sun.com/thread.jspa?threadID=603815&tstart=15

• User synchronization issue between Active Directory and Solution manager.

  Requirement:
  Synchronize the users between Active directory and solution manager system.
  <u>What we did:</u>
  1.     Created RFC connection (LDAP_RFC) for LDAP connector.
  2.     Created new LDAP connector that utilize the RFC (LDAP_RFC).
  3.     Created new logical LDAP Server(CUA).Here we have to maintain the connection
  details to the physical directory.
  4.     We maintained the communication user that is used by the LDAP connector to bind the LDAP Directory Server.
  5.     In transaction LDAPMAP specific SAP data fields, we mapped to the desired
  directory attributes.
  6.     Testing from LDAP transaction working fine. We are able to see the attributes and
  values       from Active directory.
  <b><u>Issue:</u></b>
  When executed the program RSLDAPSYNC_USER for user synchronization from t-code se38 with below selection .
  LDAP Server = CUA (created earlier)
  LDAP Connector = LDAP_RFC (RFC connection created created ealier)
  In the tab: (Object that exist both in the directory and in the Database:)
  Selected: Compare Time Stamp.
  In the tab: (Objects the only exist in the Directory.)
  Selected : Create in Database.
  In the tab(Objects that only Exist in the Database:
  Selected: Ignore Object.
  Result from the report shows that connection to LDAP server is fine and ‘0’(zero) objects in Directory.
  The program does not create any new user in the Solution Manager system.
  Any help on this issue greatly appreciated.
  Thanks & Regards,
  Harish

  where did you see this error ? is there anymore details.
  i think the account you are using for Sync does not have Replicate Directory Changes permission in AD. follow below article and give Replicate directory changes permission.
  http://technet.microsoft.com/en-us/library/hh296982(v=office.15).aspx
  Thanks, Noddy

• Store signature image in Active Directory and deploy it to each users desktop

  What I am trying to achieve is to have each user a hand written signature scanned in and stored in the .jpgPhoto attribute in Active Directory and then have some sort of script, like our login script, pull that information and copy the file to the users
  desktop.  We are wanting to be able to allow users to apply the signature image on a signature line in Office 2010 or InfoPath forms instead of typing their name.    I know there has to be a way to do this but I have not found it yet and I am
  not very good at scripting.  Is there anyone here that has accomplished such a task and if so, how did you go about doing it? 
  David Hood

  We already have Outlook email signatures created from AD information deployed to all users.  Someone else on my team deployed that already and it works great.  But that is just basic user info pulled from fields that were manually entered in
  the user account.  What I want to do is have a user scribble their signature on a piece of paper or a tablet, capture an image of that to crop and resize to store in the AD user account or somewhere secure that can be queried to be pushed to that users
  desktop.  I work at a state government agency and I have heard of another agency doing this but I have no idea how they did it.  The only thing I could think of is to have a script ran during login to query the AD attribute the image is stored in,
  pull it and then copy it to the users machine so when they sign a word document or .PDF with a digital signature they also have the option to place that image in the signature line. 
  David Hood

• JNDI, Active Directory and Persistent Searches (part 2)

  The original post of this title which was located at http://forum.java.sun.com/thread.jspa?threadID=578342&tstart=200 subsequently disappeared into the ether (as with many other posts).
  By request I am reposting the sample code which demonstrates receiving notifications of object changes on the Active Directory.
  Further information on both the Active Directory and dirsynch and ldap notification mechanisms can be found at http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ad/ad/overview_of_change_tracking_techniques.asp
  * ldapnotify.java
  * December 2004
  * Sample JNDI application that uses AD LDAP Notification Control.
  import java.util.Hashtable;
  import java.util.Enumeration;
  import javax.naming.*;
  import javax.naming.ldap.*;
  import com.sun.jndi.ldap.ctl.*;
  import javax.naming.directory.*;
  class NotifyControl implements Control {
       public byte[] getEncodedValue() {
               return new byte[] {};
         public String getID() {
            return "1.2.840.113556.1.4.528";
       public boolean isCritical() {
            return true;
  class ldapnotify {
       public static void main(String[] args) {
            Hashtable env = new Hashtable();
            String adminName = "CN=Administrator,CN=Users,DC=antipodes,DC=com";
            String adminPassword = "XXXXXXXX";
            String ldapURL = "ldap://mydc.antipodes.com:389";
            String searchBase = "DC=antipodes,DC=com";
            //For persistent search can only use objectClass=*
            String searchFilter = "(objectClass=*)";
                 env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
            //set security credentials, note using simple cleartext authentication
            env.put(Context.SECURITY_AUTHENTICATION,"simple");
            env.put(Context.SECURITY_PRINCIPAL,adminName);
            env.put(Context.SECURITY_CREDENTIALS,adminPassword);
            //connect to my domain controller
            env.put(Context.PROVIDER_URL,ldapURL);
            try {
                 //bind to the domain controller
                    LdapContext ctx = new InitialLdapContext(env,null);
                 // Create the search controls           
                 SearchControls searchCtls = new SearchControls();
                 //Specify the attributes to return
                 String returnedAtts[] = null;
                 searchCtls.setReturningAttributes(returnedAtts);
                 //Specify the search scope
                 searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
                       //Specifiy the search time limit, in this case unlimited
                 searchCtls.setTimeLimit(0);
                 //Request the LDAP Persistent Search control
                       Control[] rqstCtls = new Control[]{new NotifyControl()};
                       ctx.setRequestControls(rqstCtls);
                 //Now perform the search
                 NamingEnumeration answer = ctx.search(searchBase,searchFilter,searchCtls);
                 SearchResult sr;
                       Attributes attrs;
                 //Continue waiting for changes....forever
                 while(true) {
                      System.out.println("Waiting for changes..., press Ctrl C to exit");
                      sr = (SearchResult)answer.next();
                            System.out.println(">>>" + sr.getName());
                      //Print out the modified attributes
                      //instanceType and objectGUID are always returned
                      attrs = sr.getAttributes();
                      if (attrs != null) {
                           try {
                                for (NamingEnumeration ae = attrs.getAll();ae.hasMore();) {
                                     Attribute attr = (Attribute)ae.next();
                                     System.out.println("Attribute: " + attr.getID());
                                     for (NamingEnumeration e = attr.getAll();e.hasMore();System.out.println("   " + e.next().toString()));
                           catch (NullPointerException e)     {
                                System.err.println("Problem listing attributes: " + e);
            catch (NamingException e) {
                        System.err.println("LDAP Notifications failure. " + e);
  }

  Hi Steven
  How can I detect what change was made ? Is there an attribute that tell us ?
  Thanks
  MHM

• How to map active directory and wordpress ?

  i want to import my existing wordpress users in Active Directory but status is not changed.
  This topic first appeared in the Spiceworks Community

  1) I want to Import wordpress user in active Directory
  2) so,I install one plugin like "Active Directory Integrate".
  3) I configure this plugin and import users in Active Directory
  4) I want to Enable user in Active directory and importing in Active Direcoty.
  help me

• I got the new iPhone 5C. In my cellular settings, under "Use cellular data for", it only show passbook and facetime. How can I add other apps? Also, my carrier is AT&T

  I got the new iPhone 5C. In my cellular settings, under "Use cellular data for", it only show passbook and facetime. How can I add other apps? Also, my carrier is AT&amp;T

  Hello Sophie59
  You should be able to see two different tabs when setting up the email if you go to Other > Add Mail Account. Once you enter in the email address and password, you should be at the next screen to provide more details about the email as far as incoming and outgoing servers and at the top there will be a blue section to add it in as a POP or IMAP email account. Check out the article below for further troubleshooting and emails setup options.
  iOS: Troubleshooting Mail
  http://support.apple.com/kb/ts3899
  iOS: Adding an email account
  http://support.apple.com/kb/ht4810
  Regards,
  -Norm G.

• Downloaded new ios8, my name is on my husbands iPad with my email and Apple ID. I am the primary for cloud drive. I try to add him as a family member and it says you can't add yourself!

  I Am set up as primary for Apple cloud drive.  my apple I'd comes up in my husbands settings on his iPad. I try to add him in the family section and it says you can't add yourself!  How do I get his apple I'd back to his cloud settings?,
  i downloaded the new software on his iPad and may have put in my Apple id and password!  How do I chabeg this?   Yikes!
  thank you!

  I ran into the same issue.
  Go to "Settings", "iCloud", scroll to the bottom and "sign out"  It will delete everything iCloud related upon your approval (don't worry, everything will remain in the cloud.  Once signed out, in the same settings location (under "Settings", "iCloud") sign in using his Apple ID and Password.
  Hope this helps.

• What are user parameters? and how can i add user parameter

  Hi Experts,
  what are user parameters? and how can i add user parameter and how can i add a user parameter
  HR_DISP_INFTY_NUM with value X?

  user parameters are used give reference grps and counntry grouping use SU3 tcode as amite said