When I create users in eDir without the other name attribute, everything
goes perfect but when this attribute is filled, the user doesn't get
created and an error occures. I have about 400 users in eDir all of them
have this attribute filled. I don't want to go through all the users, so
I'm searching for a solutions, that doesn't look at this attribute at all,
wether it's there or not, the user should be created in AD.

Please help. DSTrace :

16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Applying
policy: 'Email notifications for failed password publications'.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Applying
to modify #1.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
Evaluating selection criteria for rule 'Send e-mail for a failed publish
password operation'.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
(if-global-variable 'notify-user-on-password-dist-failure' equal "true") =
TRUE.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
(if-operation equal "status") = FALSE.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Rule
rejected.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Policy
returned:
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
<nds dtdversion="3.0" ndsversion="8.x">
<source>
<product version="3.0.0.20051118 ">DirXML</product>
<contact>Novell, Inc.</contact>
</source>
<input>
<modify class-name="user" event-id="HEAD#20060321151415#2#1"
qualified-src-dn="O=IISG\CN=novuser2" src-dn="\IISG\IISG\novuser2"
src-entry-id="35606" timestamp="1142954055#1">
<association state="associated">d66772853567df4fb38a5233b7fd7f5 6</association>
<modify-attr attr-name="cn">
<add-value>
<value timestamp="1142954055#1" type="string">novuser 2</value>
</add-value>
</modify-attr>
</modify>
</input>
</nds>
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
Submitting document to subscriber shim:
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
<nds dtdversion="3.0" ndsversion="8.x">
<source>
<product version="3.0.0.20051118 ">DirXML</product>
<contact>Novell, Inc.</contact>
</source>
<input>
<modify class-name="user" event-id="HEAD#20060321151415#2#1"
qualified-src-dn="O=IISG\CN=novuser2" src-dn="\IISG\IISG\novuser2"
src-entry-id="35606" timestamp="1142954055#1">
<association state="associated">d66772853567df4fb38a5233b7fd7f5 6</association>
<modify-attr attr-name="cn">
<add-value>
<value timestamp="1142954055#1" type="string">novuser 2</value>
</add-value>
</modify-attr>
</modify>
</input>
</nds>
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Remote
Interface Driver: Sending...
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
<nds dtdversion="3.0" ndsversion="8.x">
<source>
<product version="3.0.0.20051118 ">DirXML</product>
<contact>Novell, Inc.</contact>
</source>
<input>
<modify class-name="user" event-id="HEAD#20060321151415#2#1"
qualified-src-dn="O=IISG\CN=novuser2" src-dn="\IISG\IISG\novuser2"
src-entry-id="35606" timestamp="1142954055#1">
<association state="associated">d66772853567df4fb38a5233b7fd7f5 6</association>
<modify-attr attr-name="cn">
<add-value>
<value timestamp="1142954055#1" type="string">novuser 2</value>
</add-value>
</modify-attr>
</modify>
</input>
</nds>
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Remote
Interface Driver: Document sent.
16:16:33 76537060 00000000 FFFFFFFF -1 Drvrs: Active Directory : Remote
Interface Driver: Received.
16:16:33 76537060 00000000 FFFFFFFF -1 Drvrs: Active Directory :
<nds dtdversion="1.1" ndsversion="8.7">
<source>
<product asn1id="" build="20051114_120000"
instance="\IISG\IISG\ADNDSDriverSet\Active Directory"
version="3.1">AD</product>
<contact>Novell, Inc.</contact>
</source>
<output>
<status event-id="HEAD#20060321151415#2#1" level="error" type="driver-general">
<ldap-err ldap-rc="67" ldap-rc-name="LDAP_NOT_ALLOWED_ON_RDN">
<client-err ldap-rc="67" ldap-rc-name="LDAP_NOT_ALLOWED_ON_RDN">Not allowed
on RDN</client-err>
<server-err>000020B1: UpdErr: DSID-030F0A48, problem 6004 (CANT_ON_RDN), data 0
</server-err>
<server-err-ex win32-rc="8369"/>
</ldap-err>
</status>
</output>
</nds>
16:16:33 76537060 00000000 FFFFFFFF -1 Drvrs: Active Directory : Remote
Interface Driver: Received document for subscriber channel
16:16:33 76537060 00000000 FFFFFFFF -1 Drvrs: Active Directory : Remote
Interface Driver: Waiting for receive...
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
SubscriptionShim.execute() returned:
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
<nds dtdversion="1.1" ndsversion="8.7">
<source>
<product asn1id="" build="20051114_120000"
instance="\IISG\IISG\ADNDSDriverSet\Active Directory"
version="3.1">AD</product>
<contact>Novell, Inc.</contact>
</source>
<output>
<status event-id="HEAD#20060321151415#2#1" level="error" type="driver-general">
<ldap-err ldap-rc="67" ldap-rc-name="LDAP_NOT_ALLOWED_ON_RDN">
<client-err ldap-rc="67" ldap-rc-name="LDAP_NOT_ALLOWED_ON_RDN">Not allowed
on RDN</client-err>
<server-err>000020B1: UpdErr: DSID-030F0A48, problem 6004 (CANT_ON_RDN), data 0
</server-err>
<server-err-ex win32-rc="8369"/>
</ldap-err>
</status>
</output>
</nds>
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Applying
input transformation policies.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Applying
policy: 'Convert selected attributes to a form most commonly used in the
Identity Vault.'.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Applying
to status #1.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
Evaluating selection criteria for rule 'streetAddress: Convert CR-LF to LF'.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Rule
selected.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Applying
rule 'streetAddress: Convert CR-LF to LF'.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Action:
do-reformat-op-attr("streetAddress",token-replace-all("\r\n","\r",token-local-variable("current-value"))).
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
Evaluating selection criteria for rule 'logonHours: Convert to Login
Allowed Time Map form'.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Rule
selected.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Applying
rule 'logonHours: Convert to Login Allowed Time Map form'.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Action:
do-reformat-op-attr("logonHours",token-xpath("jadutil:translateTimeMap2eDir($current-value)")).
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
Evaluating selection criteria for rule 'accountExpires: Convert to Identity
Vault time format'.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Rule
selected.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Applying
rule 'accountExpires: Convert to Identity Vault time format'.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Action:
do-reformat-op-attr("accountExpires",token-xpath("jadutil:translateFileTime2Epoch($current-value)")).
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
Evaluating selection criteria for rule 'lockoutTime: Convert to Identity
Vault time format'.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Rule
selected.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Applying
rule 'lockoutTime: Convert to Identity Vault time format'.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Action:
do-reformat-op-attr("lockoutTime",token-xpath("jadutil:translateFileTime2Epoch($current-value)")).
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Policy
returned:
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
<nds dtdversion="1.1" ndsversion="8.7">
<source>
<product asn1id="" build="20051114_120000"
instance="\IISG\IISG\ADNDSDriverSet\Active Directory"
version="3.1">AD</product>
<contact>Novell, Inc.</contact>
</source>
<output>
<status event-id="HEAD#20060321151415#2#1" level="error" type="driver-general">
<ldap-err ldap-rc="67" ldap-rc-name="LDAP_NOT_ALLOWED_ON_RDN">
<client-err ldap-rc="67" ldap-rc-name="LDAP_NOT_ALLOWED_ON_RDN">Not allowed
on RDN</client-err>
<server-err>000020B1: UpdErr: DSID-030F0A48, problem 6004 (CANT_ON_RDN), data 0
</server-err>
<server-err-ex win32-rc="8369"/>
</ldap-err>
</status>
</output>
</nds>
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Applying
policy: 'Email notifications for failed password subscriptions'.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Applying
to status #1.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
Evaluating selection criteria for rule 'Send e-mail on a failure when
subscribing to passwords'.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
(if-global-variable 'notify-user-on-password-dist-failure' equal "true") =
TRUE.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
(if-operation equal "status") = TRUE.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
(if-xpath true "self::status[@level != 'success'][text() !=
'']/operation-data/password-subscribe-status/association[text() != '']") =
FALSE.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Rule
rejected.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
Evaluating selection criteria for rule 'Send e-mail on failure to reset
connected system password using the Identity Manager data store password'.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
(if-global-variable 'notify-user-on-password-dist-failure' equal "true") =
TRUE.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
(if-operation equal "status") = TRUE.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
(if-xpath true "self::status[@level !=
'success']/operation-data/password-reset-status") = FALSE.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Rule
rejected.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Policy
returned:
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
<nds dtdversion="1.1" ndsversion="8.7">
<source>
<product asn1id="" build="20051114_120000"
instance="\IISG\IISG\ADNDSDriverSet\Active Directory"
version="3.1">AD</product>
<contact>Novell, Inc.</contact>
</source>
<output>
<status event-id="HEAD#20060321151415#2#1" level="error" type="driver-general">
<ldap-err ldap-rc="67" ldap-rc-name="LDAP_NOT_ALLOWED_ON_RDN">
<client-err ldap-rc="67" ldap-rc-name="LDAP_NOT_ALLOWED_ON_RDN">Not allowed
on RDN</client-err>
<server-err>000020B1: UpdErr: DSID-030F0A48, problem 6004 (CANT_ON_RDN), data 0
</server-err>
<server-err-ex win32-rc="8369"/>
</ldap-err>
</status>
</output>
</nds>
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: Applying
schema mapping policies to input.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
Resolving association references.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
Processing returned document.
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
Processing operation <status> for .
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST:
DirXML Log Event -------------------
Driver: \IISG\IISG\ADNDSDriverSet\Active Directory
Channel: Subscriber
Object: \IISG\IISG\novuser2
Status: Error
Message: <ldap-err ldap-rc="67" ldap-rc-name="LDAP_NOT_ALLOWED_ON_RDN">
<client-err ldap-rc="67" ldap-rc-name="LDAP_NOT_ALLOWED_ON_RDN">Not
allowed on RDN</client-err>
<server-err>000020B1: UpdErr: DSID-030F0A48, problem 6004 (CANT_ON_RDN),
data 0
</server-err>
<server-err-ex win32-rc="8369"/>
</ldap-err>
16:16:33 77528440 00000000 FFFFFFFF -1 Drvrs: Active Directory ST: End
transaction.