Hi there:
I had managed to set up the IDM environment and perform the migration
by using the AD driver successfully. It is found that the user can now
only manage to change their password from AD to IDM. However, the
password synchronization failed to work from IDM to AD. The following is
the error log that has been captured. The error is mentioned as
"LDAP_AUTH_UNKNOWN", and I had been using the Negotiate method to synchronize
users from IDM to AD.

Rgds,
Stan


========================================================

DirXML: [11/05/07 10:18:50.90]: Loader: Calling subscriptionShim->execute()
DirXML: [11/05/07 10:18:50.90]: Loader: XML Document:
DirXML: [11/05/07 10:18:50.90]: <nds dtdversion="3.5" ndsversion="8.x">
<source>
<product version="3.5.1.20070411 ">DirXML</product>
<contact>Novell, Inc.</contact>
</source>
<input>
<check-object-password event-id="user-agent-check-password">
<association>d7226c001ab13c42a6092a8af2f5eb71</association>
<password><!-- content suppressed --></password>
</check-object-password>
</input>
</nds>
DirXML: [11/05/07 10:18:50.90]: ADDriver: parse command

className
destDN
eventId user-agent-check-password
association d7226c001ab13c42a6092a8af2f5eb71
DirXML: [11/05/07 10:18:50.90]: ADDriver: parse check object password
DirXML: [11/05/07 10:18:50.90]: ADDriver: CheckPwd CN=xxxxxx,OU=xxxxx
IT,OU=xxxx,DC=ad,DC=com
DirXML: [11/05/07 10:18:50.92]: Loader: subscriptionShim->execute()
returned:
DirXML: [11/05/07 10:18:50.92]: Loader: XML Document:
DirXML: [11/05/07 10:18:50.92]: <nds ndsversion="8.7" dtdversion="1.1">
<source>
<product version="3.5.1" asn1id="" build="20070531_104500"
instance="IDM-TREESERVICESIDM Driver SetIDM-TREE_TO_AD">AD</product>
<contact>Novell, Inc.</contact>
</source>
<output>
<status level="error" type="driver-general"
event-id="user-agent-check-password">
<message>Check password connection validation</message>
<ldap-err ldap-rc="86" ldap-rc-name="LDAP_AUTH_UNKNOWN">
<client-err ldap-rc="14"/>
</ldap-err>
</status>
</output>
</nds>