[Fedora-directory-users] Windows Sync Error
David Boreham
david_list at boreham.org
Wed Nov 29 00:57:56 UTC 2006
Glenn wrote:
>I wasn't thinking when I said the directory server data was imported from
>NT. It actually came from a Netscape Directory server. Just as a test, I
>exported a few users to an ldif file and tried to use the ldifde on the W2003
>domain controller to import them. It seems to find a syntax error on every
>line in the file, making it impossible to narrow it down.
>
>I can't possibly be the only person who has run into this problem. Hoping
>someone can shed some light. Thanks. -Glenn.
>
>
We ran into this problem while developing the code.
Unfortunately AD is brain-damaged with it comes to
diagnosing why it objected to a particular operation.
There seems to be no way to get it to log some decent
diagnostic information, and it does not provide an adequate
error message over the wire.
In debugging these problems I first added the code that you
have seen that dumps out the complete entry to the log.
Then I pasted the entry into an ldapmodify command
to reproduce the problem outside the server. Finally I
edited the LDIF to trim off likely looking attributes until
AD quit complaining. At that point I knew which one it
was barfing over.
I would begin by removing all the NT domain related
attributes from a test entry and see if it adds ok.
Then add them back one by one to see which is
causing the problem.
More information about the Fedora-directory-users
mailing list