Can't synchronize with Directory Server

I am using IdM 8.0.0.1 and Sun Directory Server EE 6.3.
I have created a server instance and suffix in DS and enabled Retro Changelog plug-in.
In IdM I have created a LDAP resource for the DS. The synchronization policy uses the same base context as the suffix and the changenumber attribute.
My problem is that when starting synchronization, IdM looks for changenumbers larger than the the last changenumber in the changelog suffix.
If I create a user in IdM and assigns the DS resource, the user is created in DS. Changes to e.g. the name in DS is shown in IdM but a sync results in an error in the sync log: java.util.ArrayList cannot be cast to java.lang.String.
I hope all this makes some sort of sense and even more, I hope someone can help me make this work.
Thank you in advance.
Stefan

I don't see any references in the error, and I only changed the name attribute so I don't think that is the problem.
I tried something else: I used Load from Resource to do the first import of users from DS to IdM. This worked as expected so now I have some users to play with. But when I create a new user in DS and starts a Sync, nothing happens. I would expect the new user to be sync'ed into IdM?
And IdM still uses the last changenumber+1 as start point - This explains why nothing is sync'ed, but I don't understand why IdM behaves like that or where the start point comes from?
If anyone can point me to a few tutorials on synchronization, I would appreciate it very much.
Stefan

Similar Messages

Address Book can't synchronize with Exchange server using a domain prefix

I'm having problems attempting to use Address Book's built in "Synchronize with Exchange" feature. The issue seems to be that my company uses domains with their exchange server, so I login with a username like "domain/user" rather than just "user"
iSync finds my server if I just use the "user" login, but the server won't accept the login and I get a failed login error.
When I use the same server with my "domain/user" login I get this error:
"iSync couldn't connect to Exchange. Could not reach the server specified."
It seems that the "domain/" is fooling Address Book into altering the server URL to an invalid address. When I return to the preferences I see that it has changed the URL to http://www.server.com/exchange/domain/user
I've found a bunch of people on the web with this problem, but no solutions. Anyone have any ideas?

I'm having the exact same problem... worked fine until I did a clean install Last week.
anyone figured out a fix or workaround ?

Performance concern with directory server implementation

performance concern with directory server implementation
I first posted this at metalink forum, and was suggested to post it here instead.
Hi,
I'd like to get any feedback regarding performance of oracle directory server implementation. Below is what I copy&patested from 9i Net Services Administrator's Guide, I found no 'directory server vendor documentation', so anything regarding this is welcome too.
Performance
Connect identifiers are stored in a directory server for all clients to access.
Depending on the number of clients, there can be a significant load on a directory
server.
During a connect identifier lookup, a name is searched under a specific Oracle
Context. Because of the scope of the lookup, you probably want users to experience
relatively quick performance so that the database connect time is not affected. Users
may begin to notice slow connect times if lookups takes more than one second.
You can resolve performance problems changing the network topology or
implementing replication.
See Also: Directory server vendor documentation for details on
resolving performance issues
Thanks.
Shannon

Shannon,
you can find some tuning advises in the following
a) OiD Capacity Planning Considerations
http://download-west.oracle.com/docs/cd/B10501_01/network.920/a96574/cap_plan.htm#1030019
b) Tuning Considerations
http://download-west.oracle.com/docs/cd/B10501_01/network.920/a96574/tuning.htm#999468
c) oracle net services
http://download-west.oracle.com/docs/cd/B10501_01/network.920/a96579/products.htm#1005697
you should start with a) to get an overview what to be aware of
--Olaf

Flash or imaging solaris with directory server

Hi,
I don;t know weather it is "doable" or not and im not sure weather this question belong to directory server or solaris OS question.
This is about OS imaging, but with directory server. Reason, i have to build 10 servers with directory server in it.
Did anybody install directory server on a solaris machine and image that server?
can i use the same image to create rest of the servers?
Appriciate any thoughts / suggestions
-S-

Don't ask me exactly how but flash/flar/imaging is exactly that a complete system image. So you could do this but you will end up with 10 identical - i.e. hostname, IP , nodename - servers.
If it's worth the effort I'd suggest putting the JES components that you need, with SILENT install templates etc, into a jumpstart configuration. Then jumpstart/install each server and run the silent installs with appropriate hostname configurations, I've seen this entirely automated but it takes some work
If this is the only time you're EVER going to do this I'd say you're on the verge of the time worth it versus not stage, if you see the need to do this again in future I'd say it is worth the time investment.
You may consider just using jumpstart with appropriate installation bits to get each server OS going and manually install the Directory.
C

Critical problem with directory server--please help!

We are having issues with some applications and the root cause seems to be the directory server. We see the following errors in the directory server log.
[03/Oct/2008:11:58:25 -0600] - DEBUG - conn=-1 op=-1 msgId=-1 - PR_SetSocketOption(PR_SockOpt_NoDelay) failed, error -5962 (The value requested is too large to be stored in the data buffer provided.)
some other stuff in the log file:
[03/Oct/2008:11:48:25 -0600] - DEBUG - conn=-1 op=-1 msgId=-1 - PR_SetSocketOption(PR_SockOpt_NoDelay) failed, error -5962 (The value requested is too large to be stored in the data buffer provided.)
[03/Oct/2008:11:50:26 -0600] - WARNING<20805> - Backend Database - conn=2361383 op=1 msgId=2 - search is not indexed
[03/Oct/2008:11:50:27 -0600] - WARNING<20805> - Backend Database - conn=2361384 op=1 msgId=2 - search is not indexed
[03/Oct/2008:11:50:28 -0600] - WARNING<20805> - Backend Database - conn=2361385 op=1 msgId=2 - search is not indexed
[03/Oct/2008:11:53:25 -0600] - DEBUG - conn=-1 op=-1 msgId=-1 - PR_SetSocketOption(PR_SockOpt_NoDelay) failed, error -5962 (The value requested is too large to be stored in the data buffer provided.)
[03/Oct/2008:11:57:27 -0600] - WARNING<20805> - Backend Database - conn=2197806 op=82101 msgId=686205 - search is not indexed
[03/Oct/2008:11:57:57 -0600] - ERROR<5897> - Schema - conn=-1 op=-1 msgId=-1 - User error: Entry "uid=s0224025,ou=People,dc=lethbridgecollege,dc=ab,dc=ca", attribute "pabURI" is not allowed
[03/Oct/2008:11:58:25 -0600] - DEBUG - conn=-1 op=-1 msgId=-1 - PR_SetSocketOption(PR_SockOpt_NoDelay) failed, error -5962 (The value requested is too large to be stored in the data buffer provided.)
[03/Oct/2008:12:03:25 -0600] - DEBUG - conn=-1 op=-1 msgId=-1 - PR_SetSocketOption(PR_SockOpt_NoDelay) failed, error -5962 (The value requested is too large to be stored in the data buffer provided.)
top shows the following: but cpu many times maxes out and runs 100%. Do i need to perform some indexing somewhere or is there other issues?
load averages: 3.04, 3.15, 3.55 12:11:26
224 processes: 222 sleeping, 1 running, 1 on cpu
CPU states: 37.7% idle, 40.2% user, 22.1% kernel, 0.0% iowait, 0.0% swap
Memory: 2048M real, 36M free, 2429M swap in use, 2979M swap free
PID USERNAME LWP PRI NICE SIZE RES STATE TIME CPU COMMAND
10828 mwadmin 129 59 0 0K 0K run 148.1H 24.83% ns-slapd
9466 mwadmin 70 59 0 151M 65M sleep 743:06 1.98% ns-httpd
10738 root 1 59 0 4240K 1032K sleep 34.3H 1.73% top
26298 root 1 0 0 4096K 1696K cpu 0:00 1.51% top
5759 root 9 59 0 14M 96K sleep 851:54 0.77% cctransport
13378 ward 1 59 0 0K 0K sleep 1:23 0.57% prstat
25284 root 1 59 0 68M 27M sleep 561:22 0.50% mixer_applet2
10005 mwadmin 1 59 0 68M 27M sleep 604:43 0.49% mixer_applet2
10003 mwadmin 1 59 0 69M 2600K sleep 306:12 0.25% gnome-netstatus
25282 root 1 59 0 69M 2664K sleep 274:36 0.23% gnome-netstatus
9881 mwadmin 1 59 0 17M 11M sleep 241:04 0.21% Xvnc
9896 root 1 59 0 17M 6856K sleep 245:53 0.19% Xvnc
9911 root 1 59 0 15M 5512K sleep 159:38 0.13% gconfd-2
9901 mwadmin 1 59 0 15M 5576K sleep 157:18 0.13% gconfd-2
7962 mwadmin 45 59 0 0K 0K sleep 749:45 0.10% ns-slapd
any advice would be great.
Darren

Darren,
For this error:
[03/Oct/2008:11:58:25 -0600] - DEBUG - conn=-1 op=-1 msgId=-1 - PR_SetSocketOption(PR_SockOpt_NoDelay) failed, error -5962 (The value requested is too large to be stored in the data buffer provided.)
some other stuff in the log file:
[03/Oct/2008:11:48:25 -0600] - DEBUG - conn=-1 op=-1 msgId=-1 - PR_SetSocketOption(PR_SockOpt_NoDelay) failed, error -5962 (The value requested is too large to be stored in the data buffer provided.)
Solution/Notes:_
The below errors are "informational" in nature.
This is not an issue with the directory server, but with a connection to the directory server and whatever(device,script, or application) is attempting this connection.
These informational errors you are seeing in the logs are typically related to incoming connections from a load balancer or switch.
It is usually some device,script or application doing monitoring of the LDAP server,port or connection.
It is found that one of the biggest culprits to be the Cisco Content Switch or load balancer.
Generally the cause of this error is a "sticky bit" setting within the Cisco Content Services Switch that is causing these errors.
These load balancers periodically ping the servers (every five seconds) to verify that they are alive.
After turning off the "sticky bit" setting, which disables the ping to the server every 5 seconds, the errors will no longer show up.
The best course of action is to find the client doing this kind of monitoring and change it's behavior.You can look at the directory server's access log for B1 errors (the same client causing the PR accept errors in the errors log will cause B1 errors in the access log) at the same time you see these errors in the errors log. Then back track the connection in the access log to find the connectiing IP address of the clienton the first BIND.
If you can not determine the client causing these errors and are concerned about your errors logs filling up then you can either turn off this error logging.
This can be done dynamically on the server with a ldapmodify command:
cd /install-root/shared/bin or cd /var/opt/mps/serverroot/shared/bin
./ldapmodify -p port -h hostname -D "cn=Directory Manager" -w password
dn: cn=config
changetype: modify
replace: nsslapd-infolog-area
nsslapd-infolog-area: 0
If you don't want to do that then you can try and modify this attribute.
"nsslapd-nagle
When the value of this attribute is off, the TCP_NODELAY option is set so that LDAP responses
(such as entries or result messages) are sent back to a client immediately.
When the attribute is turned on, default TCP behavior applies.
That is, the sending of data is delayed, in the hope that this will enable additional data to be grouped into
one packet of the underlying network MTU size (typically 1500 bytes for Ethernet)."
This will require you to stop and restart the server.
NOTE: Below is the suggested fix, however, please apply this at your own discretion as this may or may not fix the issue. It depends on the client making these connections.
1. Stop the directory server
2. Edit the dse.ldif configuration file
3. In the "cn=config
" entry, add the attribute "nsslapd-nagle" with a value of "on".
4. Start the directory server.

Sharepoint 2013 BI solutions using Performance point services is can be compatible with Analysis server 2008 R2?

HI
In Sharepoint 2013 BI solutions using Performance point services is can be compatible with Analysis server 2008 R2?
here in sp 2013 i upgraded sp 2010 BI site and when i open dashboard pages they not display the pointers.
and when i open dashboard designer i was unable to connect Analysis server 2008 R2 where data source exists
adil

Hi
1) here i migrated a Publishing web applications and bi sites to 2013 sucessfully, this site is enable anonymous access
2) Installed SQLSERVER2008_ASADOMD10
3) added performance point service application pool account as a db_owner and data read access permission to content database and added permission to unattended service account to SSAS server .
3) and after i was able to connect to SSAS data soruces.
here when i open dashboards with administrator user , this user able to view dashboards
but when external user able to view dashboards it asking authentication and throws error.
Log Name: Application
Source: Microsoft-SharePoint Products-PerformancePoint Service
Date: 3/15/2015 11:59:02 AM
Event ID: 1101
Task Category: PerformancePoint Services
Level: Error
Keywords:
User: NT AUTHORITY\IUSR
Computer: TSharepint2013.test.com
Description:
An exception occurred while rendering a Web control. The following diagnostic information might help to determine the cause of this
problem:
Microsoft.PerformancePoint.Scorecards.BpmException:
The scorecard no longer exists or you do not have permission to view it.
PerformancePoint Services error code 20700.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-SharePoint Products-PerformancePoint Service" Guid="{A7CD5295-CBBA-4DCA-8B67-D5BE061B6FAE}" />
<EventID>1101</EventID>
<Version>15</Version>
<Level>2</Level>
<Task>1</Task>
<Opcode>0</Opcode>
<Keywords>0x4000000000000000</Keywords>
<TimeCreated SystemTime="2015-03-15T08:59:02.151586300Z" />
<EventRecordID>149327</EventRecordID>
<Correlation ActivityID="{54EDF29C-9842-C025-E404-2869814A5DF0}" />
<Execution ProcessID="8120" ThreadID="7816" />
<Channel>Application</Channel>
<Computer>TSharepint2013.test.com</Computer>
<Security UserID="S-1-5-17" />
</System>
<EventData>
<Data Name="string1">An exception occurred while rendering a Web control. The following diagnostic information might help to determine the cause of this problem:
Microsoft.PerformancePoint.Scorecards.BpmException:
The scorecard no longer exists or you do not have permission to view it.
PerformancePoint Services error code 20700.</Data>
</EventData>
</Event>
adil

Can't access my Directory Server using the Console installed on a machine

can't access my Directory Server using the Console installed on a remote server, lookied into knowledge base article 4693, but still same any idea ?

I too am having problems accessing Directory server from Netscape Console installed on Winxp.
If I try to open Directory server it doesn't give any error. No windows nothing.
If I try th same from the machine on which it is installed everything is fine. What is strange is that it did open a couple of times. But at the same time I can open the admin server, Netscape Messaging server from the xp box. Searching all over for a solution. Any help/pointers would be greatly appreciated.
Config details:
iDS4.13, iMS 5.0, running on Sol 8 box
Netscape Console 4.2 on WinXP.
Thanks

Can't synchronize with iTunes Ipod 4g

I can't synchronize with iTunes anymore, since the second day I've got my iPod 4g 2 weeks ago.
iTunes says "iTunes can't make a backup of *ipod name*, because the ipod is disconnected" (I've got the dutch version, tried to translate it as good as possible).
I allready tried to uninstal itunes and instal it again, but that didn't worked.
any other ideas?
edit: and now I have a second error, 13010
Message was edited by: jovano

Have you sync'd it with any other computer before?

Can't sync with exchange server after updating to ios 5.1.1

I can't sync with exchange server after upgrading to ios 5.1.1. have restored and reset phone and also have deleted the account and added back in; still no luck

+1// help

HT5085 hi, i bought itunes match yesterday, and i can not connect with the server. Error 4010 appear ever time when i want to entry on Itunes match.Thanks

i bought itunes match yesterday and i can not connect with the server. Error 4010 appear every tiem when i want to entry on itunes match.
Thanks

Here are some things to try:
Close itunes
Check your internet settings.
Control Panel – Internet Options – Advanced
Check SSL 3.0 and TLS 1.0
Uncheck “Check for server certificate revocation (requires restart)”
Click Apply
Click Okay
Open itunes and try again
And, you don't need to turn off the firewall, just add itunes and itunes helper to your security software firewall.

TS3899 I was on ios 6.1. and i received a email from Microsoft outlook saying "Your phone won't be able to synchronize with the server via Exchange ActiveSync because of an access policy defined on the server."

However i have now updated to the latest ios 7.0.2, and i am still unable to synchronize with the server via Exchange ActiveSync.
Please advice.

i did, and the tech cust. service rep. told me to contact Apple

Can I install Portal server 6.1 with Directory server 5.2

Hi,
Can I install Sun ONE Portal Server 6.1 with Sun ONE Directory Server 5.2 that is an existing installation? I have checked iPS 6.1 installation guide that mentioned iDS version should be 5.1.
Thanks a lot,
Yu Mao

Identity server 6.0 SPx has not been certified/tested on DS 5.2.
IS 6.1 will support DS 5.2.

All sub-folders in Mac Mail cannot synchronize with Exchange Server 2010

Hi all,
All sub-folders under Inbox in Mac Mail cannot be synchronized with Exchange Server 2010. There are 2GB messages size in Inbox folder and 500MB messages size under Inbox's sub-folders. All messages can be sent out and received and it can work in Outlook 2007 and Outlook 2010 normally. However, all messages in sub-folders cannot be synchronized (empty sub-folders).
Does this problem relate to message synchronization order of Mac Mail with Exchange Server? Do all sub-folders messages be synchronized after synchronization complete of Inbox? The synchronization of sub-folders will not happen if the synchronization of Inbox does not complete, doesn't it?
All messages synchronization is over internet. Can anybody help?
Thanks a lot
DT1640759

Hi,
1.please check the mailbox send and receive quota for exchange 2013 migrated mailbox.
2.Please check the email attributes of the exchange 2013 migrated mailbox because it seems to be a problem with that particular mailbox.
3.Then do the message tracking and that would be the only way to find the where the send messages has gone.
4.Please check and confirm you have an enough space on the disk where exchange queue database is residing.
I think I need to create a receive connector in the 2013 to receive from 2010 ?
No need ,by design exchange 2013 cas server default frontend receive connector will be having an
entire ipv4 and ipv6 segment and anonymous connection is checked by default.
I think I also need to create a send and receive connector for 2013 users to each other?
No need , an intra organisation send connector and the default receive connectors in exchange will be used
for internal mail flow between the exchange 2013 users.
Please reply me if you have any queries .
Regards
S.Nithyanandham
Thanks S.Nithyanandham

Help me, please. Can't Install SunONE Directory Server 5.2 Beta 3 on Solari

I try to install DS on SUN ULTRA 10 with Solaris 9. We don't use internal DNS server but external one.
Cannot start console. Always I have an error:
starting up server ...
ERROR<38917> -Startup -conn=-1 msgId=-1 - Configuration error Can't find localhost name.
error:Server not running!! Failed to start ns-slapd process.
system_errno:2
Configuration of Directory Server succeededConfiguratin of the admin server Failed
The configuration is folowing:
/etc/hosts:
127.0.0.1 localhost
192.168.1.105 iplanet iplanet.mydomain.nam
/etc/resolv.conf:
search mydomain.nam
nameserver xxx.xxx.xxx.xxx
nameserver yyy.yyy.yyy.zzz
/etc/nsswitch.conf:
hosts: files dns
/etc/defaultrouter:
192.168.1.1
/etc/hostname.hme0:
iplanet
/etc/nodenam:
iplanet
/etc/netmasks:
192.168.1.0 255.255.255.0
Does anybody knows what's goin on?
Thanks in advance.
Marat.

It is not possible to obtain the Sun ONE Directory Server 5.2 BETA Software. There are various reasons, one is the BETA program has been closed for sometime now. The RR of the Sun ONE Directory Server 5.2 should be available at the end of May.
Regards
-Michael
Sun Microsystems, Inc.

Ldap client with directory server 6.0 on solaris 9 systems

I have a directory server 6.0 running on a solaris 9 system. I have set up idsconfig, vlvindex and certificate database on the server side. The client ldap I am trying to set up is also solaris 9 system. I have set the certificate database on this ldap client using the Resource Kit certutil and import the server certificate to client certificate database. It seems the TLS secure connection did work between LDAP server and client. (I use the Resource Kit ldapsearch command to test it) I use 'ldapclient -v init ...' command using 'profileName=tlsprofile' to initialize the LDAP client and the information returned from that command said LDAP client configed sucsessfully. But when I run ldapaddent command to import /etc/passwd. I got error:
Passwd container does not exist.
The ldapaddent command I ran like this:
ldapaddent -v -f <passwd file> -D "cn=Directory Manager" passwd
Then I tried to use 'ldapclient -v manual ....' command to set up LDAP client. That command finishes succefully. But I still can not import /etc/passwd using ldapaddent with same error.
What is wrong with my set-up?
Thanks,
--xinhuan

I looked into the /var/adm/messages, and I have the following error:
ldap_cachemgr[1640]: [ID 605618 daemon.error] libldap: CERT_VerifyCertName: cert server name 'directory server' does not match 'hostname.mycompany.com': SSL connection denied
It seems I have problem with SSL certificate set-up. I did generate the server side 'hostname.mycompany.com' certificate then use the Resource Kit certutil import that certificate to the client side. Is that right way to do?
Thanks,
--xinhuan

Can't synchronize with Directory Server

Similar Messages

Maybe you are looking for