Password synchronization between two domains

Hey everybody,
we have currently the situation, where we comes to password synchronization between Domain A and Domain B. Trust relationships are not possible caused we need separated authentications between productive network and user tools.
So we would sync from Domain A (windows 2008 R2) --> Domain B (windows 2008 R2)
Domain B would also replicate per Okta to Office365 Cloud.
Now my question, could anyone point me in the right direction, what tools are usefully on the market to accomplish these issues.
Sorry for my limited english.
Best and thanks

You can try using FIM with PCNS to sync passwords from Domain A to Domain B: https://technet.microsoft.com/en-us/library/jj590203(v=ws.10).aspx
As for Office 365, you can simply implement an ADFS platform and federate it so that your users will be using their AD passwords. It is also possible to sync passwords with DirSync.
This posting is provided AS IS with no warranties or guarantees , and confers no rights.
Ahmed MALEK
My Website Link
My Linkedin Profile
My MVP Profile

Similar Messages

Password synchronization between OID and AD - 10.1.2

Hi,
I've some questions about the following issue:
I've tried to setup the password synchronization between OID 10.1.2 and active directory, with the intent of exporting ldap users from OID to AD..
Well, the bootstrap gone fine, but when I tried to activate the export of password in the activexp.map configuration file,
I've obtained this:
*Writer Thread - 0 - [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0*
for each entry I tried to export...
I've opened a SR on metalink and I've received the following answer:
_" As shown by the synchronization profile, currently you have a mapping for the password from OID to AD._
_userpassword: : :person:unicodepwd: :person:_
_According to the documentation, password synchronization requires the directories to be configured for SSL mode:_
    _http://download-uk.oracle.com/docs/cd/B14099_12/idmanage.1012/b14085/odip_actdir003.htm#CHDEFIED_
_18.3.2.8 Synchronizing Passwords_
_You can synchronize Oracle Internet Directory passwords with Active Directory._
   _You can also make passwords stored in Microsoft Active Directory available in Oracle Internet Directory._
   _Password synchronization is possible only when the directories run in SSL mode 2, that is, server-only authentication."_
The SSL setup is the only way to achieve this, or there's another alternative?
Thanks

Yes. It needs to be in SSL.
http://download-uk.oracle.com/docs/cd/B14099_12/idmanage.1012/b14085/odip_actdir003.htm#CHDCJHHB
Some excerpts:
Active Directory Connector uses SSL to secure the synchronization process. Whether or not you synchronize in the SSL mode depends on your deployment requirements. For example, synchronizing public data does not require SSL, but synchronizing sensitive information such as passwords does. To synchronize password changes between Oracle Internet Directory and Microsoft Active Directory, you must use SSL mode with server-only authentication, that is, SSL Mode 2.
-shetty2k

How to ...synchronization between two databases

Hi,
I want to set up automatic synchronization between two databases. For example, database DB1 and DB2 have table t1 and t2 with the same columns. If someone updates a record in table t1, I want automatically update the record in t2 or vice-versa.
How can I make an automatic system like that?

1) What is the business goal you're trying to satisfy? Failover, reporting, replication, geographic co-location, etc. each have their own set of technologies. Explaining what you're trying to accomplish from a business perspective will help us identify which technology (or technologies) to focus on.
2) Are you synchronizing a single table? Or multiple tables? Or all the tables in a schema? Or all the tables in a database?
3) Is there a stable network connection between the boxes?
4) What version of Oracle do you have (10.2, 10.1, 9.2, 9.0.1, etc)? What edition (standard, express, enterprise, etc)?
5) How quickly after a change has been made on DB1 does the change need to reflect on DB2?
6) Am I correct in understanding that you want to be able to change the same row of data on either DB1 or DB2? So the replication needs to go in both directions?
Justin

How to create Trust between two domain

How to create Trust between two domain:
please help

Hi,
By default, two-way, transitive trusts are automatically created when a new domain is added to a domain tree or forest root domain using the Active Directory Installation
Wizard. The two default trust types are defined in the following table. However there have others many types of the AD trust, please refer the following KB to determine which type you need:
Trust types
http://technet.microsoft.com/en-us/library/cc775736%28v=ws.10%29.aspx
More relate KB:
Creating Domain and Forest Trusts
http://technet.microsoft.com/en-us/library/cc740018(WS.10).aspx
The related third party article:
How to configure Forest Level Trust in Windows Server
http://blogs.interfacett.com/how-to-configure-forest-level-trust-in-windows-server
*** This response contains a reference to a third party World Wide Web site. Microsoft is providing this information as a convenience to you. Microsoft does not control
these sites and has not tested any software or information found on these sites; therefore, Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. There are inherent dangers in the
use of any software found on the Internet, and Microsoft cautions you to make sure that you completely understand the risk before retrieving any software from the Internet. ***
Hope this helps.
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place.

Database mirror between two domain

I setting up database mirror between two domain that will help me migrate from SQL 2008R2 to SQL 2012 :
It is set up as follows:
Domain A(Old domain) - Server A
Domain B (New Domain for HA/DR setup) - Server B and Server C (Already configured as FCI and AG)
I want to migrate data from Server A to Server B using database mirror.
I set up the
Created Master key, endpoint and certificate on the Server A
Created Master key, endpoint and certificate on the Server B
Backup certificate on both sides and copy to each server
Create inbound connections on both principal and mirror partner. Here I created two SQL logins
SQLSrvA_login
SQLSrvB_logi
Grant connect on endpoint to both logins on both principal and mirror partner.
Everything seems ok as can be seen below
Principal partner:
grantee　　　　　　　 endpoint　　　　 permission　 state_desc
SQLSrvA_login Hadr_endpointCONNECT GRANT
SQLSrvB_loginHadr_endpointCONNECT GRANT
Mirror partner:
grantee　　　　　　　 endpoint　　　　 permission　 state_desc
SQLSrvA_login Hadr_endpoint　　CONNECT GRANT
SQLSrvB_login　　 Hadr_endpoint　　CONNECT GRANT
Perform a full db backup and log backup on ServerA and restore to　 ServerB with norecovery
When trying to establish the partnership, it succeeded on the mirror partner ServerB 　　but failed on the principal partner ServerA with the following error
Msg 1418, Level 16, State 1, Line 2
The server network address "TCP://ServerB:5022" can not be reached or does not exist. Check the network address name and that the ports for the local and remote endpoints are operational.
The following error is in the SQL errorlog:
Database Mirroring login attempt failed with error: 'Connection handshake failed. There is no compatible authentication protocol. State 21
Any ideal why this is occurring?
Thanks
Datawarehouse lead Architect

Hi,
Please see this link for possible solution.
http://blogs.msdn.com/b/grahamk/archive/2008/11/21/how-to-configure-database-mirroring-between-2-instances-on-a-standalone-server.aspx
Hope this helps
Bhanu

Toplink cache synchronization between two nodes using tomcat

Hi,
In our appcation we have two nodes. Using websphere we used to synchronize toplink cache between two nodes. Can we do same thing using tomcat.

Yes, TopLink implements cache synchronization using JMS or RMI easily, which are not dependent on the server being used - though it JMS especially does require a JMS provider that is accessible from each node. Cache synchronization is now cache coordination, and is described using JPA properties here:
http://wiki.eclipse.org/EclipseLink/Examples/JPA/CacheCoordination
the Toplink cache synchronization/coordination with JMS | EMBARCADEROS seems to be a good read for cache coordination over JMS, but is more aimed at TopLink's sessions.xml configuration.
Best Regards,
Chris

Replication between two domains is failing. Help!

can you confirm the trust between these two IS a TWO way transitive trust ?
as the description given reads like it is just one way

I have a symptom that I need to solve:I have two domains that are members of a forest with a trust set up between them.I can map drives no problem for users in Domain N where the share exists on Domain A.If I try and do the revers, the mappings don't work.If I try and navigate directly to the share the following error pops up with a request for a username and passord:"The system has detected a possible attempt to compromise security"Entering in the user's credentials works.Trying to troubleshoot it, led me to AD replication issues.AD Replication status tool (which is amazing btw) shows the following errors:Textlast sync result. Dest DC. Dest DC Domain. Dest DC Site Name. Dest DC is GC? Partition Name. Last Sync Message. Source DC. Source DC Domain. Source DC Site Name. Source DC is GC?1256 SGA.DomA.Local DomA.local...
This topic first appeared in the Spiceworks Community

Password synchronization between more clients

Hello All,
Does anyone know how can I do to synchronize the password of user between more than one client; I explain in 46C I have an abap to write the password wher you are logging into other client of the same SAP instance. If you are logged on client 500 the report write the password of user from client 500 to client 600 and client 000.
This report write in USR02 table (USR02-BCODE = PASSWD)
but in ECC6 this report doesn't running
Does anyone explain why ? may be in ECC6 exist another table or something like that
Thanks in advance for your reply
Bernard
[email protected]

You can try using FIM with PCNS to sync passwords from Domain A to Domain B: https://technet.microsoft.com/en-us/library/jj590203(v=ws.10).aspx
As for Office 365, you can simply implement an ADFS platform and federate it so that your users will be using their AD passwords. It is also possible to sync passwords with DirSync.
This posting is provided AS IS with no warranties or guarantees , and confers no rights.
Ahmed MALEK
My Website Link
My Linkedin Profile
My MVP Profile

Data synchronization between two offices

Hi everyone,
After building a database for our growing company, we have a problem with our data and its synchronization. Our company has a rather small, but growing, book warehouse and sells books online. We have been able to deal with orders and stock because sales were not that large.
But today we sell more and more books and the addition of a database means we need to synchronize our data from the warehouse database to the main office one, mainly to be able to know what kind of stock we have. I think we will have to go with a batch syncing scheduled twice a day for now. We have been dealing with Talend open studio so far and enjoy the product.
Do you think Talend will be able to stand that type of operation? What kind of software could be used in this case?
Thanks all!

Hi there,
I don't know Talend and thus cannot say anything about the product.
However, based on your requirement description I'd say you better go for a system with one single database.
Only that way you can check your current stock when you need it.
Moreover a single database solution is far less complex and reduces a ton of problems you will always face with distributed databases.
just my two cents...
Lars

Repository synchronization between two sites

Hi All,
We are using Oracle Designer 6i for our designs. We are creating DFDs, PFDs and ERDs. Two teams are working on this at two different locations. Can somebody suggest the way to synchronize (combine) the work done by both the teams into a single repository. For example, Team A has created DFDs, PFDs and ERDs at Location1. Team B is also creating DFDs, PFDs and ERDs at Location2. Team B will be using some of the functions in their diagrams created by Team A. Now we want to apply the changes done by Team B into the repository located at Location1.
Thanks in advance for any suggestions
regards,
Vijay

Hi Vishal,
thanks a lot for your reply. You have suggested that we can import the entire application system at Site B. At this time we are using non-versioned repository. And we are using only one application system. But the problem is that at Site B some people are making changes to the same application system used at Site A. I understand that if i have to import an application system, i have to make sure that there is no application system with the same name at the destination. So in this case if i have to import the Site A's application system at Site B, first i have to delete the Site B application system. In which case i will be losing all the changes made by the Team at Site B. But my requirement is that i want to incorporate the chages made at Site B's application system into the Site A's application system. Can you please give your thoughts about this.
thanks in advance
regards,
Vijay

Synchronization between two master detail jsf page

hi guys,
i have two jsf page, how can i synchronize the row selected (af:table) on the first page of one master detail ( the detail table) with the second page.
In my case in the second page i can make modifications in a dialog Popup, but the row selected (the detail table) in the first page is shown in the popup
i want the selected record of the detail table in the second page will be shown in the popup
thanks for your help
Edited by: fakhri_tn on Nov 13, 2012 11:47 PM

Hi,
in this case you need to pass the SelectedRowKeySet of the detail table in page one. So what you can do is
1. create a managed bean in page flow scope
2. when navigating to page 2, access the table component (make sure you don't create a managed bean component reference in the page flow bean and instead use a backing bean for component instance lookup) and read its selected row key set
3. On page 2, reference the page flow managed bean saved rowKeySet from the selected row keys property of the table
Frank

FIM PCNS Two Way Password sync between two distinct forests

Hello Everyone,
i was wondering if anyone had any idea on a way to synchronize passwords with PCNS for 2 AD Forests both ways (from forest 1 to forest 2 and from forest 2 to Forest 1)
thanks !
Hitch Bardawil

Hi Hitch,
There is a setting on the AD management agent that limits the number of resets that will be performed against a given target, i.e.
Specify maximum number of password changes for a 24 hour period. You could try setting that down to 1 on both of your AD MAs so that it interrupts the looping behaviour.
You'd obviously have to test this out, and consider that if the user changes their password a second time in the same day, it won't get synchronized. Setting the Minimum Password Age password policy to 2 days could alleviate this risk.
Have fun testing!
Marc
Marc Mac Donell, VP Identity and Access Solutions, Avaleris Inc.
http://www.avaleris.com

"how do i synchronize between two outputs"

Hi
I'm using a bapi data service "po_bapi_getlist" which have two outputs :header and raws.
When I'm connecting each output to table view, the output information is not synchronized,
when i put the cursor on the line's header - "po nam" the cursor is not standing on the relevant "po nam" raw in raw view .
The BAPI structure has one input and tow output ports and they are both RecordSets (table output).
They have the same key fields PO_ number.
i've added the info' about our system for your review \ help:
GML version: 799.14.0027
Client version: 700.14.0.1
VCServer version:700.14.0.1
Flex version:700.14.0.1
Portal content version (HTMLBKit): 700.14.0.1
Portal Connector version: 700.14.0.1
Thanks ahead,
Regards
Eli.

Hi Eli,
Create dummy fields in the outputs that match the missing fields. The dummy fields have to be the same type as the real fields they represent. Then in the union all fields will show up. You can then use a goup by object to put the values together. I have done this a few times and it works. Hope this helps.
Example:
Output 1
firstname
lastname
address   (dummy field)
city           (dummy field)
Output 2
address
city
firstname (dummy field)
lastname   (dummy field)

How to Enable TLS between two domain

Hi All,
our partner want us to enable TLS in Email. how to enable in my environment also this TLS should be for specific partner not for all. if so what all the information required from their side i suppose to ask. Please guide be in a basic manner.
we are using Exchange 2010.
Thanks, Venkatesh. "Hardwork Never Fails"

HI Venkatesh,
Please check this article it is for 2007 but you can test do the change as per 2010.
http://www.msexchange.org/articles-tutorials/exchange-server-2007/security-message-hygiene/Securing-SMTP-Message-Flow-between-different-Exchange-Server-2007-organizations.html
Also, check this
http://dizdarevic.ba/ddamirblog/?p=78

Password synchronization problem between sun DS and ADS

Hi
I installed the sun one indentity synchronization 1.0. I synchronize password between one DS and one AD.It is working fine. My problem is i want to synchronize between two sun one DS and one AD , but it is ignoring the one DS in Sync , anothe DS and AD is Synchronizing. It is not synchrnonizing the two DS and one AD server.
My SUL Configuration is
SUL Name : DS1ToADS
Windows
Base DN : ou=newsync,dc=esecurity,dc=com
Filter : destinationindicator=ameer.com
Creation Expression : cn=%cn%, ou=newsync,dc=esecurity,dc=com
Sun One Directory Server
Base DN : cn=authorization2,dc=ameer,dc=com
destinationindicator=ameer.com
SUL Name : DS2ToADS
Windows
Base DN : ou=newsync,dc=esecurity,dc=com
Filter : destinationindicator=basha.com
Creation Expression : cn=%cn%, ou=newsync,dc=esecurity,dc=com
Sun One Directory Server
Base DN : cn=authorization2,dc=basha,dc=com
destinationindicator=basha.com
I am synchronizing the existing users using the following file.
<?xml version="1.0" encoding="UTF-8"?>
<UserLinkingOperationList allowLinkingOutOfScope="true">
<UserLinkingOperation parent.attr="UserLinkingOperation"
sulid="DS1ToADS">
<UserMatchingCriteria parent.attr="UserMatchingCriteria">
<AttributeMap parent.attr="AttributeMap">
<AttributeDescription parent.attr="SunAttribute" name="sn"/>
<AttributeDescription parent.attr="WindowsAttribute" name="sn"/>
</AttributeMap>
<AttributeMap parent.attr="AttributeMap">
<AttributeDescription parent.attr="SunAttribute" name="employeenumber"/>
<AttributeDescription parent.attr="WindowsAttribute" name="employeeid"/>
</AttributeMap>
</UserMatchingCriteria>
</UserLinkingOperation>
<UserLinkingOperation parent.attr="UserLinkingOperation"
sulid="DS2ToADS">
<UserMatchingCriteria parent.attr="UserMatchingCriteria">
<AttributeMap parent.attr="AttributeMap">
<AttributeDescription parent.attr="SunAttribute" name="givenName"/>
<AttributeDescription parent.attr="WindowsAttribute" name="givenName"/>
</AttributeMap>
<AttributeMap parent.attr="AttributeMap">
<AttributeDescription parent.attr="SunAttribute" name="employeenumber"/>
<AttributeDescription parent.attr="WindowsAttribute" name="employeeid"/>
</AttributeMap>
</UserMatchingCriteria>
</UserLinkingOperation>
</UserLinkingOperationList>
Should not showing the any error after synchronization.
I am giving my log files
resync log
[05/Jan/2005:17:29:12.505 +0530] INFO 66 CNN101 csi2a01 "Sent remote source entry 'dn: 'CN=actusr2,OU=newsync,DC=esecurity,DC=com' [activedirectorydomainname=esecurity.com, employeeid=11112]'." (Action ID=CNN101-10142707E24-10, SN=4)
[05/Jan/2005:17:29:12.958 +0530] INFO 66 CNN101 csi2a01 "Sent remote source entry 'dn: 'CN=actusr1,OU=newsync,DC=esecurity,DC=com' [activedirectorydomainname=esecurity.com, employeeid=11111]'." (Action ID=CNN101-10142707E24-11, SN=4)
[05/Jan/2005:17:29:13.051 +0530] INFO 66 CNN101 csi2a01 "Sent all entries for the 'DS2TOADS' Synchronization User List." (Action ID=CNN101-10142707E24-13, SN=0)
[05/Jan/2005:17:29:14.098 +0530] INFO 66 CNN101 csi2a01 "Sent all entries for the 'DS1TOADS' Synchronization User List." (Action ID=CNN101-10142707E24-14, SN=0)
[05/Jan/2005:17:29:17.442 +0530] INFO 71 CNN100 csi2a01 "Received all remote entries for the 'DS1TOADS' Synchronization User List." (Action ID=CNN101-10142707E24-14, SN=5)
[05/Jan/2005:17:29:18.567 +0530] INFO 62 CNN101 csi2a01 "Received all remote entries for the 'DS1TOADS' Synchronization User List." (Action ID=CNN101-10142707E24-14, SN=10)
[05/Jan/2005:17:29:22.098 +0530] INFO 72 CNN102 csi2a01 "The Windows entry 'dn: 'CN=actusr1,OU=newsync,DC=esecurity,DC=com' [employeenumber=11111, givenname=ameer1] [destinationindicator=[basha.com, ameer.com]]' is already linked to the Directory Server entry 'dn: 'uid=ds1ameer1,cn=Authorization1,dc=basha,dc=com' [employeenumber=11111, destinationindicator=esecurity.com]'." (Action ID=CNN101-10142707E24-11, SN=5)
[05/Jan/2005:17:29:22.098 +0530] INFO 71 CNN102 csi2a01 "The Windows entry 'dn: 'CN=actusr2,OU=newsync,DC=esecurity,DC=com' [employeenumber=11112, givenname=ameer2] [destinationindicator=[basha.com, ameer.com]]' is already linked to the Directory Server entry 'dn: 'uid=ds1ameer2,cn=Authorization1,dc=basha,dc=com' [employeenumber=11112, destinationindicator=esecurity.com]'." (Action ID=CNN101-10142707E24-10, SN=5)
[05/Jan/2005:17:29:22.520 +0530] INFO 73 CNN102 csi2a01 "Received all remote entries for the 'DS2TOADS' Synchronization User List." (Action ID=CNN101-10142707E24-13, SN=5)
[05/Jan/2005:17:29:22.629 +0530] INFO 63 CNN101 csi2a01 "Received all remote entries for the 'DS2TOADS' Synchronization User List." (Action ID=CNN101-10142707E24-13, SN=10)
audit log
[05/Jan/2005:17:29:15.629 +0530] FINE 16 CNN102 csi2a01 "The agent has received an outbound action from MQ: Type: REFRESH SUL: DS2TOADS {Data Attrs: [UNSPEC employeenumber: 11112] [UNSPEC activedirectorydomainname: esecurity.com]} {Other Attrs: cn: actusr2 destinationindicator: basha.com, ameer.com dn: CN=actusr2,OU=newsync,DC=esecurity,DC=com employeenumber: 11112 givenname: ameer2 objectclass: top, person, organizationalPerson, user dspswuserlink: tZeGDb7WM0SW72YcOMzfew== pwdlastset: 127493062677968750 samaccountname: 1234 sn: nagore2 usnchanged: 115104 whenchanged: 20050104100213.0Z}." (Action ID=CNN101-10142707E24-10, SN=3)
[05/Jan/2005:17:29:15.895 +0530] FINE 16 CNN102 csi2a01 "The controller has received the following outbound action from the agent: Type: REFRESH SUL: DS2TOADS {Data Attrs: [UNSPEC employeenumber: 11112] [UNSPEC activedirectorydomainname: esecurity.com]} {Other Attrs: cn: actusr2 destinationindicator: basha.com, ameer.com dn: CN=actusr2,OU=newsync,DC=esecurity,DC=com employeenumber: 11112 givenname: ameer2 objectclass: top, person, organizationalPerson, user dspswuserlink: tZeGDb7WM0SW72YcOMzfew== pwdlastset: 127493062677968750 samaccountname: 1234 sn: nagore2 usnchanged: 115104 whenchanged: 20050104100213.0Z}." (Action ID=CNN101-10142707E24-10, SN=4)
[05/Jan/2005:17:29:16.208 +0530] FINE 16 CNN102 csi2a01 "The agent has received an outbound action from MQ: Type: REFRESH SUL: DS2TOADS {Data Attrs: [UNSPEC employeenumber: 11111] [UNSPEC activedirectorydomainname: esecurity.com]} {Other Attrs: cn: actusr1 destinationindicator: basha.com, ameer.com dn: CN=actusr1,OU=newsync,DC=esecurity,DC=com employeenumber: 11111 givenname: ameer1 objectclass: top, person, organizationalPerson, user dspswuserlink: tfNQqDQ8VEigzgJjrfcVSg== pwdlastset: 127493178093125000 samaccountname: 123 sn: nagore1 usnchanged: 115147 whenchanged: 20050104131009.0Z}." (Action ID=CNN101-10142707E24-11, SN=3)
[05/Jan/2005:17:29:16.926 +0530] FINE 16 CNN100 csi2a01 "The agent has received an outbound action from MQ: Type: SENTINEL SUL: DS1TOADS {Data Attrs: } {Other Attrs: }." (Action ID=CNN101-10142707E24-14, SN=3)
[05/Jan/2005:17:29:16.926 +0530] FINE 16 CNN100 csi2a01 "The controller has received the following outbound action from the agent: Type: SENTINEL SUL: DS1TOADS {Data Attrs: } {Other Attrs: }." (Action ID=CNN101-10142707E24-14, SN=4)
[05/Jan/2005:17:29:16.973 +0530] FINE 16 CNN102 csi2a01 "The controller has received the following outbound action from the agent: Type: REFRESH SUL: DS2TOADS {Data Attrs: [UNSPEC employeenumber: 11111] [UNSPEC activedirectorydomainname: esecurity.com]} {Other Attrs: cn: actusr1 destinationindicator: basha.com, ameer.com dn: CN=actusr1,OU=newsync,DC=esecurity,DC=com employeenumber: 11111 givenname: ameer1 objectclass: top, person, organizationalPerson, user dspswuserlink: tfNQqDQ8VEigzgJjrfcVSg== pwdlastset: 127493178093125000 samaccountname: 123 sn: nagore1 usnchanged: 115147 whenchanged: 20050104131009.0Z}." (Action ID=CNN101-10142707E24-11, SN=4)
[05/Jan/2005:17:29:16.973 +0530] FINE 16 CNN102 csi2a01 "The agent has received an outbound action from MQ: Type: SENTINEL SUL: DS2TOADS {Data Attrs: } {Other Attrs: }." (Action ID=CNN101-10142707E24-13, SN=3)
[05/Jan/2005:17:29:16.989 +0530] FINE 16 CNN102 csi2a01 "The controller has received the following outbound action from the agent: Type: SENTINEL SUL: DS2TOADS {Data Attrs: } {Other Attrs: }." (Action ID=CNN101-10142707E24-13, SN=4)
[05/Jan/2005:17:29:17.442 +0530] FINER 13 SysMgr_100 csi2a01 "Sending an acknowledgement to the console for request (ID=1104926235041)."
[05/Jan/2005:17:29:17.473 +0530] FINE 13 SysMgr_100 csi2a01 "Sent an acknowledgement to the console for request (ID=1104926235041)."
[05/Jan/2005:17:29:17.457 +0530] FINE 71 CNN100 csi2a01 "The agent has received the following inbound action from the controller: Type: SENTINEL SUL: DS1TOADS {Data Attrs: } {Other Attrs: }." (Action ID=CNN101-10142707E24-14, SN=6)
[05/Jan/2005:17:29:17.489 +0530] INFO 71 CNN100 csi2a01 "The agent is sending the following inbound action to MQ: Type: SENTINEL SUL: DS1TOADS {Data Attrs: } {Other Attrs: }." (Action ID=CNN101-10142707E24-14, SN=7)
[05/Jan/2005:17:29:17.504 +0530] FINER 71 CNN100 csi2a01 "The controller has acknowledged the following outbound action to the agent: Type: SENTINEL SUL: DS1TOADS {Data Attrs: } {Other Attrs: }." (Action ID=CNN101-10142707E24-14, SN=8)
[05/Jan/2005:17:29:18.192 +0530] FINE 16 CNN101 csi2a01 "The agent has received an outbound action from MQ: Type: SENTINEL SUL: DS1TOADS {Data Attrs: } {Other Attrs: }." (Action ID=CNN101-10142707E24-14, SN=8)
[05/Jan/2005:17:29:18.364 +0530] FINE 16 CNN101 csi2a01 "The controller has received the following outbound action from the agent: Type: SENTINEL SUL: DS1TOADS {Data Attrs: } {Other Attrs: }." (Action ID=CNN101-10142707E24-14, SN=9)
[05/Jan/2005:17:29:18.676 +0530] FINER 62 CNN101 csi2a01 "The controller has acknowledged the following outbound action to the agent: Type: SENTINEL SUL: DS1TOADS {Data Attrs: } {Other Attrs: }." (Action ID=CNN101-10142707E24-14, SN=11)
Please do the needful
Basha

Hi Joshua,
Does this mean that I need to install the core and sub component but no need to install the DS and AD connectors. No!!! Core must only be installed on one machine! Here is a short summary of the steps during an installation having sun ONE LDAPs in multi-master replication (taking ldap2 as the machine, whrere core is installed):
1. Install core on ldap2
2. start console and configure your directory sources. For the sun directory source enter ldap2 as the preferred and ldap1 as the secondary ldap. Configure the rest: attribute-mapping, modification flow, AD-source, SULs, etc. save the configuration.
3. on ldap2 run idsync prepds untill you get the SUCCESS message in the following way (be sure to specify the secondary ldap with -j and -r options):
idsync prepds -h <ldap2> -p <ldap2port> -j <ldap1> -r <ldap1port> -D "cn=directory manager" -w <passwort> -s <configuration_registry_suffix>4. Run the install binaries again on ldap2. Install DS Connector on ldap2, install DS-Subcomponent (preferred) on ldap2. Install AD-Connector.
5. Copy over install binaries to ldap1. Run the install binaries on ldap1. Give ldap2 as configuration directory URL When you are asked, what components to install, select subcomponent. Select the suffix. When you are asked, what type of ldap, select secondary.
6. Copy over install binaries to any ldap slave in your replication topology and install the subcomponent there, choosing "other" as the ldap type.
Good luck again...
Jakob.

Password synchronization between two domains

Similar Messages

Maybe you are looking for