Identity Synchronization for Microsoft 1.0 password synchronization failure

Hi
I've installed Identity Synchronization for Microsoft 1.0, and I can synchronize all attributes (mail, telephonenumber, etc.), but I cannot sync passwords between Active Directory and DS 5.2!
In the audit log of isw I have
CNN101 server1 "The controller has received the following inbound action from the accessor: Type: UNKNOWN {Data Attrs: } {Other Attrs: samaccountname: user1 usnchanged: 1696 objectguid: NfQTjHdpAE+h4MS/2UxZzQ== dn: CN=user1 user,OU=utili,DC=ldap,DC=com whenchanged: 20040825204423.0Z sn: user1 givenname: user}." (Action ID=CNN101-FE9B7FD2EE-6, SN=0)
but for a telephone number modification I have:
CNN101 server1 "The agent has received the following inbound action from the controller: Type: MODIFY SUL: SUL1 {Data Attrs: [REPL telephonenumber: 88888888888888]} {Other Attrs: samaccountname: user1 usnchanged: 2893 objectguid: ReawEr7nqkSYpupcV/7V3w== dn: CN=user1 users,OU=utlisateurs,DC=fr,DC=ldap,DC=com whenchanged: 20040826194415.0Z}." (Action ID=CNN101-FE9BE2BDDF-26, SN=1)
Can anybody help?
I have installed one connector for AD, and one connector for DS and a subcomponent; the users are linked and resynced with success.
Thanks

Hi,
ISW does not propagate the new password value itself when a password change is detected in Active Directory. The log message quoted does not show any error.
Note that passwords are not synchronized during resync. However, when resync'ing from Active Directory to Sun ONE Directory, you can invalidate the passwords of the Sun ONE Directory accounts using the -i flag. The invalidation will force on-demand password synchronization to start when a user with invalidated passwords attempts authentication to Sun ONE Directory.
I would also highly recommend following the instructions in the troubleshooting section of the product documentation.
Bertold
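
Added example (not part of the original thread and not ISW code): a small Python parser for the audit-log action format quoted in the question. It shows that the first action carries an empty Data Attrs list, while the telephone-number change carries the replicated value, and it flags any action whose Data Attrs would expose a password attribute. The names in PASSWORD_ATTRS and the third log line are assumptions constructed for the example.

```python
import re

# First two entries are the audit-log lines quoted in the question, joined
# onto single lines. The third is CONSTRUCTED (not observed ISW output) and
# exists only to exercise the alert branch.
SAMPLE_LOG = [
    'CNN101 server1 "The controller has received the following inbound action '
    'from the accessor: Type: UNKNOWN {Data Attrs: } {Other Attrs: '
    'samaccountname: user1 usnchanged: 1696 objectguid: NfQTjHdpAE+h4MS/2UxZzQ== '
    'dn: CN=user1 user,OU=utili,DC=ldap,DC=com whenchanged: 20040825204423.0Z '
    'sn: user1 givenname: user}." (Action ID=CNN101-FE9B7FD2EE-6, SN=0)',
    'CNN101 server1 "The agent has received the following inbound action '
    'from the controller: Type: MODIFY SUL: SUL1 {Data Attrs: '
    '[REPL telephonenumber: 88888888888888]} {Other Attrs: samaccountname: user1 '
    'usnchanged: 2893 objectguid: ReawEr7nqkSYpupcV/7V3w== '
    'dn: CN=user1 users,OU=utlisateurs,DC=fr,DC=ldap,DC=com '
    'whenchanged: 20040826194415.0Z}." (Action ID=CNN101-FE9BE2BDDF-26, SN=1)',
    'CNN101 server1 "The agent has received the following inbound action '
    'from the controller: Type: MODIFY SUL: SUL1 {Data Attrs: '
    '[REPL userpassword: EXAMPLE-NOT-A-REAL-VALUE]} {Other Attrs: '
    'samaccountname: user1 dn: CN=user1 user,OU=utili,DC=ldap,DC=com}." '
    '(Action ID=CNN101-EXAMPLE-1, SN=2)',
]

# Assumption: attribute names treated as password material (lower-cased).
PASSWORD_ATTRS = {"userpassword", "unicodepwd"}

ACTION_RE = re.compile(
    r'^(?P<connector>\S+)\s+(?P<host>\S+)\s+".*?Type:\s*(?P<type>\w+)'
    r'(?:\s+SUL:\s*(?P<sul>\S+))?\s*'
    r'\{Data Attrs:\s*(?P<data>.*?)\}\s*\{Other Attrs:\s*(?P<other>.*?)\}\."\s*'
    r'\(Action ID=(?P<action_id>[^,]+),\s*SN=(?P<sn>\d+)\)\s*$'
)
# One "[OP name: value]" item inside Data Attrs.
DATA_ATTR_RE = re.compile(r'\[(?P<op>\w+)\s+(?P<name>[\w;-]+):\s*(?P<value>[^\]]*)\]')
# "name: value" pairs inside Other Attrs; a value runs up to the next " name: ".
OTHER_ATTR_RE = re.compile(r'(\w+): (.*?)(?= \w+: |$)')


def parse_action(line):
    """Parse one audit-log action line; return None if it is not an action."""
    m = ACTION_RE.match(line.strip())
    if m is None:
        return None
    data = [(d["op"], d["name"].lower(), d["value"])
            for d in DATA_ATTR_RE.finditer(m["data"])]
    return {
        "connector": m["connector"],
        "host": m["host"],
        "type": m["type"],
        "sul": m["sul"],
        "data_attrs": data,
        "other_attrs": dict(OTHER_ATTR_RE.findall(m["other"])),
        "action_id": m["action_id"],
        "sn": int(m["sn"]),
    }


def triage(lines):
    """Classify each action by what its Data Attrs list carries."""
    findings = []
    for line in lines:
        action = parse_action(line)
        if action is None:
            continue  # not an action entry; ignore
        names = [name for _, name, _ in action["data_attrs"]]
        if not names:
            verdict = "no-payload"             # no attribute values in the action
        elif PASSWORD_ATTRS & set(names):
            verdict = "password-value-logged"  # password material in the audit log
        else:
            verdict = "attribute-sync"         # ordinary attribute replication
        findings.append((action["action_id"], action["type"], names, verdict))
    return findings


if __name__ == "__main__":
    for action_id, kind, names, verdict in triage(SAMPLE_LOG):
        print(f"{action_id:28} {kind:8} {','.join(names) or '-':18} {verdict}")
```
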

Similar Messages

  • ODMS 11g (11.3.0.0.0) for Microsoft Windows install repwizard.bat failure and resolution

    Hello,
    I'd like to share my experience with installing Oracle Database Mobile Server 11g (11.3.0.0.0) for Microsoft Windows. Hopefully this can be resolved in a future release or this workaround can help someone else.
    This was a new installation on Windows 2008 R2 server. The repository is to be in Oracle Standard database 11.2.0.3 64 bit. GlassFish 4 had been installed previously for Oracle APEX. Java version is 1.7.0_45.
    During the repwizard.bat process, the progress would stop at 95% on the "installing Mobile Server" step.
    Examining the logs in the MobileServer home folder (D:\oracle\MobileServer11gR3_1\Mobile\Server) showed errors with the MOBILEADMIN  user.
    The workaround is to manually create the MOBILEADMIN user. Once the user MOBILEADMIN  was created manually with the unlimited quota on the USERS tablespace the repwizard process seems to be happy with everything and completed successfully.
    This makes no sense since the SYSTEM password was provided. I am suspecting that this script was developed with an existing installation and not tested in a completely clean environment and therefore a bug.

    Thank you for the feedback. Did you work at all with Oracle support on this issue? We do our internal testing on clean environments. I would like to understand in more detail what happened here because if there is a bug in the install code, I would like to get it addressed. Feel free to email me directly on this.
    thanks
    mike

  • Specifying folder to synchronize for Microsoft Office users

    Hello,
    We have a couple remote offices with users setup as mobile users.
    These users are using Microsoft Office which saves a folder in ~/documents/Microsoft user data files
    The remote offices connect to the main office using a slow connection ( Cable Modem and DSL ).
    After doing some research I noticed that when a user has Microsoft Entourage opened the machine keeps synchronizing with the main server.
    I think that the reason why it is happening is because Entourage uses some kind of database ( PST file ) to run the software and the slightest change in the PST file ( let's say an email being received ) initiates a synchronization.
    All of this to ask:
    - is there a way to filter out a subfolder inside the ~/Documents folder ?
    - Or is there a way to schedule the synchronization to occur only once an hour ?
    Thanks

    It seems that we solved the issue by moving that folder somewhere else than the home folder then creating an alias in the ~/Documents folder.
    Office thinks that the folder is still in ~/Documents and Mac OS only syncs the alias but not the content of the Office folder.
    To reply to your answer though. As far as I have seen, anything that is in ~/Documents is being synchronized.
    If there is a folder called Microsoft user Data that is 20 MB in there it will get synchronized as well.
    Thanks

  • Key for Microsoft office in password protected document

    I bought a used Mac. The apple certified store navigated my old drive to the new machine. Now office wants the key. I save the key in a password protected document in Word so the old select the document hit the space bar doesn't work. Any ideas?

    I think you need a different company's forum:
    Office for Mac forums
    Not a lot of Office users reporting in here, whereas the MS forum I linked is very active and you may get help directly from an MS Mac Business Unit employee. Great place for Office issues.

  • Issue with GPO "WSE Group Policy Password Synchronization"

    When I started my migration of SBS2011 to 2012r2 with essentials service I noticed this GPO appear, which I assume is for passwords to be synced to the cloud. However, when I implemented group policy from essentials the dashboard crashed and the typical GPO's that it creates weren't there and only the folder-redirection was present; it was also blank so I deleted it (I didn't delete the GPO "WSE Group Policy Password Synchronization").
    I then re-launched the dashboard and ran through the process again, it worked a treat! Except the GPO for "WSE Group Policy Password Synchronization" appears to be blank. I remember it pointing to a ps file but I don't know what ps file and how to recreate it, along with to confirm what it does. Sadly I have no GPO backup to go back to.
    Any help on this would be much appreciated.
    Cheers

    Hi,
    "however when I implemented group policy from essentials the dashboard crashed"
    Based on your description, I understand that the Dashboard crashed when you implemented group policies (some WSE Group Policy).
    "the typical GPO's that it creates weren't there and only the folder-redirection was present it was also blank so I deleted it (I didnt delete the GPO 'WSE Group Policy Password Synchronization')"
    Did you mean that you deleted the 'WSE Group Policy Folder Redirection'? Would you please let me know whether you did any operation on the 'WSE Group Policy Password Synchronization'? Meanwhile, please check whether the other WSE Group Policies also show "No Settings defined" in the Settings tab (as your 'WSE Group Policy Password Synchronization' picture showed).
    "Sadly I have no GPO backup to go back to."
    Please start a BPA scan and check whether it finds a relevant issue. If there is no GPO backup, it seems that it will not be possible to restore the group policy objects. By the way, did you have a full server backup?
    If I have misunderstood anything or there is any update, please feel free to let me know.
    Hope this helps.
    Best regards,
    Justin Gu

  • Can PeopleSoft act as a Identity Provider for Federation?

    Hi All,
    We would like to know about a trust federation (SSO) with PeopleSoft and following is my question:
    Can we use PeopleSoft as an Identity Provider for Federation scenarios? We would like to onboard PeopleSoft as an Identity Provider for Microsoft ADFS v2; in this regard we want to know whether PeopleSoft exposes a FederationMetadata.XML to any Federation Service providers that are in the existing market...?
    ADFS : Active Directory Federation Services
    Thanks & Regards,
    VDeevi.

    As of SAP IdM 7.20 (which runs as a component on the SAP Java Application Server) SAML 2.0 as identity provider is supported.
    So it is not just any SAP J2EE system (e.g. EP) and also not all releases.
    I was also disappointed by this
    Cheers,
    Julius

  • What is happening about Java System Identity Synchronization for Windows

    I have been playing with "Java System Identity Synchronization for Windows" for a while now. I am about to switch over to it 100%, but I am worried that the latest version is "Windows 1 2004Q3".
    Has anyone got any ideas about this? The product sort of works, and is much smaller than going for the whole "Java System Identity Management Suite 2005Q4", which is way too big and complicated for us and, I think, many people.
    Don't forget Microsoft have now released its own tools to do this in the latest Windows 2003 SP.
    Andrew

    ISW is already present in the 5.2p4 and 5.2p6 archives.
    dn: cn=pswsync,cn=plugins,cn=config
    objectClass: top
    objectClass: nsSlapdPlugin
    objectClass: ds-signedPlugin
    objectClass: extensibleObject
    cn: pswsync
    nsslapd-pluginPath: /export/home/abc/local/ds52p6/lib/psw-plugin.so
    nsslapd-pluginInitfunc: pswsync_init
    nsslapd-pluginType: preoperation
    nsslapd-pluginEnabled: off
    creatorsName: cn=server,cn=plugins,cn=config
    modifiersName: cn=server,cn=plugins,cn=config
    createTimestamp: 20090121011643Z
    modifyTimestamp: 20090121011643Z
    nsslapd-pluginId: Identity Sync for Windows
    nsslapd-pluginVersion: 5.2_Patch_6
    nsslapd-pluginVendor: Sun Microsystems, Inc.
    nsslapd-pluginDescription: Identity Synchronization for Windows Plug-In

  • Can't configure Identity Synchronization for Windows through Server Console

    Hi everybody!
    I am trying to get Sun Java System Directory Server EE talking with Windows Active Directory but my progress has come to a halt getting Identity Synchronization for Windows 6 configured and working. I would appreciate any hints!
    Here are the steps I have taken:
    1. I installed Directory Server Enterprise Edition 6.3.1 using native packages, no problems there (in terms of adding resources to directory, browsing them, etc).
    2. I installed the Message Queue (3.6 05Q1) that is bundled with the zip archive of DSEE
    3. I installed Identity Synchronization for Windows (6), that is bundled with the zip archive of DSEE
    4. Logged into Sun Java System Server Console as per instructions after install.
    Here is where I am stuck!
    I logged in, but something is really weird! Here is what my structure looks like in the default view:
    domain name
    +Server
    ++Server Group [desc: Directory Server 6.0 /opt/SUNWdsee/ds6]
    ++Server Group (1) [var/mps/serverroot]
    +++Administration Server
    +++Identity Synchronization for Windows [details are totally blank... even icon is an empty blue square!]
    This is the second time I went through the process of installing all this stuff, I made sure to pay attention to the installation instructions as best as I could, but I am very new to Solaris and unfortunately am on an extremely tight deadline.
    I am suspecting the problem has something to do with ports or directories, but my knowledge of Solaris is not even at a level where I can troubleshoot this by myself. Even if you have some advice that seems stupid to you, please let me hear it! I am pretty stupid, I might benefit from it!!
    Please, if anyone has any hints or suggestions, I would love to hear them. Like I said, I configured all this while following the installation guides, but I am worried I missed something or misunderstood something.
    Thanks in advance,
    Al
    Edited by: newtmonkey on May 25, 2009 2:05 AM

    Hello wlier, thanks for all your help with this! I really appreciate it.
    Reinstalled this whole thing, and at least I got everything under one server group... still can't access ISW though... it is listed in the leftside pane, but when I click on it the rightside pane goes completely blank.
    ~status of idsync is:
    -no connectors were found
    -System Manager Status: Started
    next step is "1. create an initial configuration using the product's console..."
    ~installed/configured everything as root
    ~no errors generated when I login to the console, but when I expand the hostname in the leftside pane I get the following error:
    Exception in thread "Thread-2" java.lang.UnsatisfiedLinkError: /usr/lib/mps/libjss4.so: ld.so.1: java: fatal: libnss3.so: open failed: No such file or directory
    at java.lang.ClassLoader$NativeLibrary.load(Native Method)
    at java.lang.ClassLoader.loadLibrary0(ClassLoader.java:1751)
    at java.lang.ClassLoader.loadLibrary(ClassLoader.java:1676)
    at java.lang.Runtime.loadLibrary0(Runtime.java:822)
    at java.lang.System.loadLibrary(System.java:993)
    at org.mozilla.jss.CryptoManager.loadNativeLibraries(CryptoManager.java:1443)
    at org.mozilla.jss.CryptoManager.initialize(CryptoManager.java:912)
    at com.netscape.management.client.util.UtilConsoleGlobals.initJSS(Unknown Source)
    at com.netscape.management.client.util.UtilConsoleGlobals.getLDAPSSLSocketFactory(Unknown Source)
    at com.sun.directory.wps.ui.gui.view.PSWServer.<init>(PSWServer.java:71)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
    at java.lang.reflect.Constructor.newInstance(Constructor.java:494)
    at java.lang.Class.newInstance0(Class.java:350)
    at java.lang.Class.newInstance(Class.java:303)
    at com.netscape.management.client.topology.ServerNode.createServerInstance(Unknown Source)
    at com.netscape.management.client.topology.ServerNode$ServerLoadThread.run(Unknown Source)
    ~If "run the Administration Server from the Server Group" means what I think it means, I can do that with no problem. I can double click on the Administration Server and configure various options, start/stop the server, etc.
    ~I just have one interface/hostname configured, and the Server Console shows the correct name
    It's like it's not making the connection to the ISW server (btw, it is listed as "isw-solaris1"... is this okay? "solaris1" is the hostname for this server). From what I understand after logging in to Server Console as Directory Manager, it should be asking me for a password to access ISW, but I don't get any kind of login/password prompt.
    I should be logging in to Server Console on the port I configured during ISW installation, right? In my case, port 1390.
    We don't have a service plan and I doubt my company would want to spring the cash for it, so I'm pretty much stuck!!

  • Installing DS Plug-in for Identity Synchronization for Windows

    Hello! We installed Sun Java Communications Suite 5 (with Directory Server Enterprise 6.0) on Linux Red Hat ES.
    Now we want to install Identity Synchronization for Windows but there isn't a supported version for Linux Red Hat ES (only for Linux Red Hat AS, Windows 200-2003 and Solaris).
    I thought that it isn't a problem: I install Identity Synchronization on Windows 2003 and I can synchronize my LDAP on Red Hat ES and my AD on Windows. But I have this question: can I install the Directory Server Plug-in on Red Hat ES?
    If the answer is not, I have to migrate my LDAP to another supported platform. Can I install the Directory Server Enterprise Edition version I have in Sun Java Communications Suite 5, or is it better that I install the new Directory server Enterprise Edition version?
    Thank you very much
    Mary

    Hello Nicolas,
    Thank you for taking the time to look into this. I am very much aware of your great blog entry and I'd like to take the opportunity to thank you for posting it. It's just that I don't find PSEM plug-in version 8.51 on edelivery for Linux x86 32-bit to install it, that's why I used version 8.52. Maybe I am missing something on edelivery ... Can you point me to where PSEM plug-in version 8.51 for Linux x86 32-bit exists and I can try that instead ? This is the link I use and I don't see version 8.51:
    https://edelivery.oracle.com/EPD/Download/get_form?egroup_aru_number=14217144
    FYI, the error gets raised immediately after I supply the host name for the grid control, SYS password , port 1521 and then click next :( . The installation continues after that but doesn't install the plug-in.
    Quick question since you are here :) : in PeopleBooks they say to uninstall the PSEM plug-in, run the script @PSEMDROPALL.sql , but they didn't mention which user to run against (I should know but unfortunately I don't), whom should I run this script against SYS or SYSMAN ?
    Regards.
    Tulip

  • Error while installing "Identity Synchronization for Windows"

    Hello All,
    I am in the middle of installing Identity Synchronization for Windows and I am running into a problem.
    After I gave the ldap address of the Java Directory server, (which is installed in the same machine that I am installing ISW on), then I specified the "Configuration Root Suffix" , and then I gave the "cn=Directory Manager" credentials, It returns an error saying...
    The selected Directory Server is not a configuration
    directory server. You must select a directory server that
    has "o=netscaperoot". Please note that merely adding the
    "o=netscaperoot" entry will not suffice.
    I am running Solaris 10 (SPARC) on a T2000, and I downloaded the latest version of "Sun Java System Directory Server Enterprise Edition" (6.2 I think it is...is there a way to find out?) and I downloaded ISW (1.1 SP1) from Sun.com...
    Anyone else had this problem? Any solutions? Thanks.
    -C

    That was that !
    The proof:
    possum@laptop ~/Downloads/Sun/Directory Server $ tar tvzf DSEE.6.2.Solaris-Sparc-full.tar.gz | more
    drwxr-xr-x svbld/staff       0 2007-08-21 13:51 DSEE_Directory_Editor/
    -rw-r--r-- svbld/staff 3154227 2006-10-23 15:23 DSEE_Directory_Editor/DE_InstallConfigGuide.pdf
    -rw-r--r-- svbld/staff  113483 2006-10-23 15:23 DSEE_Directory_Editor/DE_ReleaseNotes.pdf
    -rw-r--r-- svbld/staff 9649312 2006-10-23 15:23 DSEE_Directory_Editor/de.class
    -rw-r--r-- svbld/staff     178 2006-10-23 15:23 DSEE_Directory_Editor/install.bat
    -rw-r--r-- svbld/staff     167 2006-10-23 15:23 DSEE_Directory_Editor/install.sh
    drwxr-xr-x svbld/staff       0 2007-08-21 13:53 DSEE_Identity_Synchronization_for_Windows/
    -rw-r--r-- svbld/staff     831 2007-08-21 13:53 DSEE_Identity_Synchronization_for_Windows/README.txt
    drwxr-xr-x svbld/staff       0 2006-11-07 01:32 DSEE_Identity_Synchronization_for_Windows/installer/
    drwxr-xr-x svbld/staff       0 2006-11-07 01:16 DSEE_Identity_Synchronization_for_Windows/installer/admserv_package/
    drwxr-xr-x svbld/staff       0 2006-11-07 01:17 DSEE_Identity_Synchronization_for_Windows/installer/admserv_package/setup_data/
    drwxr-xr-x svbld/staff       0 2006-11-07 01:16 DSEE_Identity_Synchronization_for_Windows/installer/admserv_package/setup_data/l10n/
    drwxr-xr-x svbld/staff       0 2006-10-25 14:45 DSEE_Identity_Synchronization_for_Windows/installer/admserv_package/setup_data/l10n/locale/
    drwxr-xr-x svbld/staff       0 2006-10-25 14:45 DSEE_Identity_Synchronization_for_Windows/installer/admserv_package/setup_data/l10n/locale/resources/
    -rwxr-xr-x svbld/staff  186114 2006-10-25 14:45 DSEE_Identity_Synchronization_for_Windows/installer/admserv_package/setup_data/l10n/locale/resources/ASSetupResources_zh.properties
    -rwxr-xr-x svbld/staff  163040 2006-10-25 14:45 DSEE_Identity_Synchronization_for_Windows/installer/admserv_package/setup_data/l10n/locale/resources/ASSetupResources_es.properties
    -rwxr-xr-x svbld/staff  163040 2006-10-25 14:45 DSEE_Identity_Synchronization_for_Windows/installer/admserv_package/setup_data/l10n/locale/resources/ASSetupResources_es_ES.properties
    -rwxr-xr-x svbld/staff  184456 2006-10-25 14:45 DSEE_Identity_Synchronization_for_Windows/installer/admserv_package/setup_data/l10n/locale/resources/ASSetupResources_zh_TW.properties
    -rwxr-xr-x svbld/staff  233399 2006-10-25 14:45 DSEE_Identity_Synchronization_for_Windows/installer/admserv_package/setup_data/l10n/locale/resources/ASSetupResources_ko.properties
    -rwxr-xr-x svbld/staff  233399 2006-10-25 14:45 DSEE_Identity_Synchronization_for_Windows/installer/admserv_package/setup_data/l10n/locale/resources/ASSetupResources_ko_KR.properties
    -rwxr-xr-x svbld/staff  162199 2006-10-25 14:45 DSEE_Identity_Synchronization_for_Windows/installer/admserv_package/setup_data/l10n/locale/resources/ASSetupResources_de.properties
    -rwxr-xr-x svbld/staff  162199 2006-10-25 14:45 DSEE_Identity_Synchronization_for_Windows/installer/admserv_package/setup_data/l10n/locale/resources/ASSetupResources_de_DE.properties
    -rwxr-xr-x svbld/staff  172057 2006-10-25 14:45 DSEE_Identity_Synchronization_for_Windows/installer/admserv_package/setup_data/l10n/locale/resources/ASSetupResources_fr.properties
    -rwxr-xr-x svbld/staff  172057 2006-10-25 14:45 DSEE_Identity_Synchronization_for_Windows/installer/admserv_package/setup_data/l10n/locale/resources/ASSetupResources_fr_FR.properties
    So, we need both packaging: native PKG and tar.gz ! Great !
    I think this thread can be marked as resolved now.

  • I can't resync and uninstall Identity Synchronization for Windows 1.0

    Hi, everybody.
    I downloaded and installed Identity Synchronization for Windows 1.0 on Solaris 8.
    But I can't execute the idsync resync command. The error message below is output on the console:
    # ./idsync resync -h crow.bird.soft.hitachi.co.jp -p 3890 -D cn=manager -w managersecret -q netscape -s dc=bird,dc=soft,dc=hitachi,dc=co,dc=jp
    Exception in thread "main" java.lang.NoClassDefFoundError
    at com.sun.directory.wps.registry.model.dao.LDAPConfigurationRegistryDAO.initializeEncryptor(LDAPConfigurationRegistryDAO.java:756)
    at com.sun.directory.wps.registry.model.dao.LDAPConfigurationRegistryDAO.open(LDAPConfigurationRegistryDAO.java:721)
    at com.sun.directory.wps.registry.util.BasicRegistryFacade.openRegistry(BasicRegistryFacade.java:120)
    at com.sun.directory.wps.registry.util.BasicRegistryFacade.openRegistry(BasicRegistryFacade.java:211)
    at com.sun.directory.wps.ui.model.PSWConfigurationFacade.openRegistry(PSWConfigurationFacade.java:1126)
    at com.sun.directory.wps.ui.model.PSWConfigurationFacade.openRegistry(PSWConfigurationFacade.java:1114)
    at com.sun.directory.wps.ui.cli.CRCLIProgram.getConfigurationFacade(CRCLIProgram.java:64)
    at com.sun.directory.wps.ui.cli.RefreshUsers.execute(RefreshUsers.java:283)
    at com.sun.directory.wps.ui.cli.ResyncUsers.<init>(ResyncUsers.java:54)
    at com.sun.directory.wps.ui.cli.IdSyncProgram.execute(IdSyncProgram.java:94)
    at com.sun.directory.wps.ui.cli.IdSyncProgram.<init>(IdSyncProgram.java:129)
    at com.sun.directory.wps.ui.cli.IdSyncProgram.main(IdSyncProgram.java:135)
    And I can't execute runUnInstaller.sh either, because of the same error messages in the logs/cli/error.log file.
    Both errors output the same message "org/apache/xerces/utils/Base64" in the log files, so I think CLASSPATH is wrong.
    In runUninstaller.sh, the jar file names below are written in the -classpath arguments.
    /usr/share/lib/mps/jss3.jar
    /usr/sfw/share/lib/xerces-200.jar
    Are these settings correct?
    If these settings are wrong, is resync set with the same wrong settings in binary code?
    Please tell me how to resync and to uninstall Identity Synchronization for Windows 1.0.

    I mistook the log file name.
    I wrote:
    "And I can't execute runUnInstaller.sh too becasu same error messages in logs/cli/error.log file."
    But runUninstaller.sh outputs to /var/sadm/install/logs/Uninstall-xxxxxxx.log.
    The logs/cli directory is where the idsync command outputs error.log and audit.log.
    Sorry.

  • Unable to download Sun Java System Identity Synchronization for Windows

    Please any one can help me How can i download Sun Java System Identity Synchronization for Windows
    * Sun Java System Directory Server ---------------------able to download
    * Sun Java System Directory Proxy Server --------------able to download
    * Sun Java System Identity Synchronization for Windows-------------Not able to download
    * Sun Java System Directory Editor------------------------able to download
    * Sun Java System Directory Server Resource Kit------able to download
    Regards
    kamal

    ISW is already present in the 5.2p4 and 5.2p6 archives.
    dn: cn=pswsync,cn=plugins,cn=config
    objectClass: top
    objectClass: nsSlapdPlugin
    objectClass: ds-signedPlugin
    objectClass: extensibleObject
    cn: pswsync
    nsslapd-pluginPath: /export/home/abc/local/ds52p6/lib/psw-plugin.so
    nsslapd-pluginInitfunc: pswsync_init
    nsslapd-pluginType: preoperation
    nsslapd-pluginEnabled: off
    creatorsName: cn=server,cn=plugins,cn=config
    modifiersName: cn=server,cn=plugins,cn=config
    createTimestamp: 20090121011643Z
    modifyTimestamp: 20090121011643Z
    nsslapd-pluginId: Identity Sync for Windows
    nsslapd-pluginVersion: 5.2_Patch_6
    nsslapd-pluginVendor: Sun Microsystems, Inc.
    nsslapd-pluginDescription: Identity Synchronization for Windows Plug-In

  • Identity Synchronization for Windows: AD connector failure

    I've recently setup ISW in order to synchronize my primary AD domain and my newly installed directory server instance. The ISW core, connectors and plug-in installs are completed.
    I ran the final idsync resync to populate directory server from AD and that ran successfully. I then ran an idsync startsync and saw that synchronization was started on all components of the system.
    - The Synchronization, Configuration Directory, Message Bus and System Manager are all in the "Started" state.
    - The AD (CNN101) and Directory Server (CNN100) directory sources are in the SYNCING state
    idsync printstat output as follows:
    Exploring status of connectors, please wait...
    Connector ID: CNN100
    Type: Sun Java(TM) System Directory
    Manages: dc=domain,dc=com (ldaps://ldap1.domain.com:636) (ldaps://ldap2.domain.com:636)
    State: SYNCING
    Installed on: ldap1.domain.com
    Plugin SUBC100 is installed on ldaps://ldap1.domain.com:636
    Plugin SUBC101 is installed on ldaps://ldap2.domain.com:636
    Connector ID: CNN101
    Type: Active Directory
    Manages: ne.domain.com (ldaps://london.ne.domain.com:636) (ldaps://winads02.ne.domain.com:636) (ldaps://winads03.ne.domain.com:636) (ldaps://winads04.ne.domain.com:636) (ldaps://winads05.ne.domain.com:636) (ldaps://winads01.ne.domain.com:636)
    State: SYNCING
    Installed on: linopsldp01.prod.domain.com
    Sun Java(TM) System Message Queue Status: Started
    Checking the System Manager status over the Sun Java(TM) System Message Queue.
    System Manager Status: Started
    SUCCESS
    I then try to login to a linux client system to complete the on-demand password synchronization. However, when I do that I see the following in the directory server that is handling the request's error log:
    [30/Sep/2009:16:51:49 -0400] - WARNING<38783> - isw - conn=17 op=1 msgId=3 - Plugins authentication cannot be completed, because no domain controller (ldaps://winads01.ne.domain.com:636 ldaps://london.ne.domain.com:636 ldaps://winads02.ne.domain.com:636 ldaps://winads03.ne.domain.com:636 ldaps://winads04.ne.domain.com:636 ldaps://winads05.ne.domain.com:636) is available to verify credentials for user uid=user,ou=people,dc=domain,dc=com
    In the CNN100 logs I see the following error on both directory server plugin sub-components:
    "DS Plugin (SUBC101): authentication to Active Directory server at ldaps://winads01.ne.domain.com:636 failed (bind DN: CN=iswadm,OU=Service Accounts,DC=ne,DC=domain,DC=com), error(81): Can't contact LDAP server"
    I know that connectivity to the domain controller listed is fine and I can reach port 636 on that host from both directory servers. I don't understand how the connectors can be in the SYNCING state if there is no connectivity to them and I went through the entire setup previous to this with no issues. I've restarted the DS instances and ISW with no luck. Has anyone seen this sort of problem before? Any ideas on a fix/further troubleshooting would be greatly appreciated.

    Thanks for the pointer to the SSL certificates. It turns out that some of the AD controllers were reporting expired certificates even though they had updated and valid certs. A reboot of those domain controllers fixed that issue.
    I now have an issue in completing the on-demand password synchronization process when my client systems are pointed at the directory proxy server systems. I can complete the operation and login when the client is pointing directly at one of the directory servers:
    [09/Oct/2009:00:58:12.584 -0400] INFO 40 CNN100 ldap01.prod.domain.com "DS Plugin (SUBC100): on-demand validation has been successfully completed for 'uid=user,ou=people,dc=domain,dc=com' by authenticating the user against ldaps://winads01.ne.domain.com:636"
    Do I need to add some schema to the directory proxy servers or add some control for dspsqpassword/dspswvalidate operations? I'm looking through both DPS and DS logs now in hopes of finding something.
    Any additional pointers are appreciated.

  • Identity Synchronization for Windows- still supported?

    Hello,
    I am doing some testing for a customer who is interested in syncing up his Active Directory and System Directory Server information, so I have been trying to build this solution in our lab.
    From what I have read, this can be done with Identity Synchronization for Windows.
    Identity Synchronization for Windows requires that Message Queue be installed.
    I installed Message Queue 4.3 but when I ran the Identity Synchronization for Windows installer I was told that I need the Enterprise Edition of Message Queue (is looking for a license file). However, according to the Sun page on Message Queue, Platform Edition and Enterprise Edition have been rolled into one product.
    So I have three questions. First, is Identity Synchronization for Windows supported on Message Queue 4.3? If so, how to get by the error message asking for Enterprise Edition? If not, is my only alternative to use an older version of Message Queue?
    Thanks in advance,
    Al

    "is Identity Synchronization for Windows supported on Message Queue 4.3"
    From the release notes, looks like the answer is no.
    http://docs.sun.com/app/docs/doc/820-2759/additional-software
    When installing Identity Synchronization for Windows, you must specify the path to the version of Message Queue to use. The Identity Synchronization for Windows installation program then installs a required broker into Message Queue, so that Identity Synchronization for Windows can use Message Queue for synchronization.
    On Windows systems, Identity Synchronization for Windows supports only Message Queue 3.6. You therefore install Message Queue 3.6 provided with the Identity Synchronization for Windows bundle.
    Message Queue 3.7 is, however, installed as a Java Enterprise System shared component. On Windows systems by default you can therefore end up with both Message Queue 3.6 and Message Queue 3.7 installed. If you install Java Enterprise System components alongside Identity Synchronization for Windows on a Windows system, be sure Message Queue 3.7 is not selected.
    ---------------

  • Get System Identity Synchronization for Windows working in replication mode

    I have got ISW running on DS 5.2 it is all working correctly.
    What I want to do is set up a replica DS server with ISW on it as well.
    What I have done:
    Installed DS5.2 on another machine and started replication, and it works: all data is in the new LDAP server. But I am having problems installing the ISW software on the new server.
    Steps:
    1) On the original master with ISW installed, I tell ISW of a secondary server. It tells me to install a connector on that machine.
    2) On my replica server I run "runInstaller.sh" and it all seems to work, except when I stop and restart the server I get the following errors:
    # /etc/init.d/directory start
    [11/Aug/2006:15:07:38 +0100] - ERROR<4167> - Startup - conn=-1 op=-1 msgId=-1 - System error Load library /opt/SUNWiswdp/lib/64/psw-plugin.so: error ld.so.1: ns-slapd: fatal: /opt/SUNWiswdp/lib/64/psw-plugin.so: open failed: No such file or directory
    [11/Aug/2006:15:07:38 +0100] - ERROR<4140> - plugin_setup - conn=-1 op=-1 msgId=-1 - Configuration error Could not load symbol "pswsync_init" from library "/opt/SUNWiswdp/lib/psw-plugin.so" for plugin pswsync
    [11/Aug/2006:15:07:38 +0100] - ERROR<4112> - Bootstrap config - conn=-1 op=-1 msgId=-1 - Configuration error Unable to load plugin "cn=pswsync,cn=plugins,cn=config".
    Server not running!! Failed to start ns-slapd process.
    /etc/init.d/directory: unable to start the Directory Server 5.2
    I have checked, and the above files are not installed; well, SUNWxrcsj and SUNWiswcm have not been installed.
    Question:
    How do I install ISW on a secondary server? I thought I was following the online docs, but I guess I am missing something.

    Hello All,
    I have been waiting for any idea for a long time. I am trying again and again by restoring my directory server zone. I have two whole root zones: one I am using for Sun Portal and Communication Suite 5, and the other is for the directory server. They are working fine, but when I try to install Sun Java System Identity Synchronization for Windows 6.0 on the directory server zone, sometimes it hangs at 97% while installing core and sometimes it gives the error that the installer cannot upload some entries in the template; this error comes when I restore my directory server zone.
    Can someone please give me an idea why it is giving these errors on a Solaris zone?
    Thanks in Advance,
    Sikander
