We are testing ID3 with a one way Vault to AD sync of users, groups and OU's
After a couple of test runs and a tweak or two to the policies, the sync
I deleted the parent OU from the AD domain and wanted to do the sync
again. This time to show the staff how it is supposed to work.
On every OU, group and user, I get the following error
DirXML: [05/15/06 08:09:07.56]: Loader: Calling subscriptionShim->execute()
DirXML: [05/15/06 08:09:07.56]:
DirXML Log Event -------------------
Driver = \CCN\CCN\ID3\EDIR2AD\Active Directory
Thread = Subscriber Channel
Object = \CCN\CCN\MANOR\QCARE
Level = error
Message = <ldap-err ldap-rc="53"
ldap-rc-name="LDAP_UNWILLING_TO_PERFORM">Unwilling To Perform</client-err>
<server-err>00000057: LdapErr: DSID-0C090A47, comment: Error in
attribute conversion operation, data 0, vece</server-err>
If I stop and modify the driver to put the NDS tree into a new Parent OU
of the AD domain, the sync goes great. Again, if I delete the ~~~~ out
of AD and try again, I get the same error.
Any thoughts on why I can't resync.