I'm having an issue with syncing from the Vault to an AD system.
A straight add without attributes such as Telephone Number works fine.
However, when trying to sync a user from the vault to AD and the user
does not exist in AD, I get the following error:

<ldap-err ldap-rc="21" ldap-rc-name="LDAP_INVALID_SYNTAX">
<client-err ldap-rc="21" ldap-rc-name="LDAP_INVALID_SYNTAX">Invalid
Syntax</client-err>
<server-err>00000057: LdapErr: DSID-0C090B38, comment: Error in
attribute conversion operation, data 0, vece</server-err>
<server-err-ex win32-rc="87"/>
</ldap-err>

Looking through the XML being passed to the application, the only
attribute I can see that doesn't have a value is Telephone Number. Also,
is this list of attributes generated from the attributes defined in the
filter?

LDAPMod operations:
add attribute objectClass
>> user

add attribute objectCategory
>> CN=Person,CN=Schema,CN=Configuration,DC=orgname,DC =bcc,DC=internal

add attribute OrgName-Branch
>> CEO Branch

add attribute OrgName-Division
>> CEO

add attribute OrgName-OrgLevel
>> Audit Services

add attribute OrgName-PIN
>> 1234

add attribute OrgName-Section
>> Audit Serv

add attribute sAMAccountName
>> 023456

add attribute displayName
>> John Smith

add attribute givenName
>> John

add attribute sn
>> Smith

add attribute title
>> ASSURANCE SPECIALIST

add attribute sAMAccountName
>> 023456

add attribute telephoneNumber
>>

add attribute mail
>> John.Smith@OrgMail.com


Is it normal for the AD driver to fail if the attribute does not have
a value?
I have tried creating a rule that will pass a default value to the
attribute if it is empty, but the attribute list that is being passed to
AD then shows two entries for Telephone Number (one blank and one with
my default value).


--
phillipsw