Hi Guys

Iam experiencing the following error when provisioning users in Active
Directory from the IDM Vault.The end result is the account is never
created in MAD.

Iam using IDM 4.0.1
SUSE 11 Enterprise
Active Directory Driver version 3.5.11

I have attached the trace log below.Any help will be greatly
appreciated.

<status
event-id="cen-idm01#20120202115044#1#1:7a469332-8877-4d94-50a6-3293467a7788"
level="success"><application>DirXML</application>
<module>Cathed Active Directory Driver</module>
<object-dn>\CENIDM\data\users\Wanalirri Catholic
School\Numendumah.Sonya</object-dn>
<component>Subscriber</component>
</status>
</output>
</nds>
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: Applying to status #5.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: Evaluating selection
criteria for rule 'AccountTracking - Initialize Realm Mapping'.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: (if-global-variable
'drv.acctTrk.enable' equal "true") = TRUE.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: (if-global-variable
'drv.acctTrk.mode' equal "fanout") = FALSE.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: Rule rejected.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: Evaluating selection
criteria for rule 'AccountTracking - disregard if disabled'.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: (if-global-variable
'drv.acctTrk.enable' not-equal "true") = FALSE.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: Rule rejected.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: Evaluating selection
criteria for rule 'AccountTracking - query DirXML-Accounts Attribute'.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: (if-op-property
'AccountTracking-ObjectDN' available) = FALSE.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: Rule rejected.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: Evaluating selection
criteria for rule 'AccountTracking - remove Dirxml-Account values on
regular delete operation'.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: (if-operation match
"delete|remove-association") = FALSE.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: (if-operation equal
"status") = TRUE.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: (if-op-property
'AccountTracking-ObjectDN' available) = FALSE.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: Rule rejected.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: Evaluating selection
criteria for rule 'AccountTracking - update DirXMLAccounts attribute on
regular operations'.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: (if-op-property
'AccountTracking-Operation' not-available) = TRUE.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: (if-op-property
'AccountTracking-ObjectDN' available) = FALSE.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: (if-operation equal
"status") = TRUE.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: (if-xpath true
"./@level='success' or ./@level='warning'") = FALSE.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: Rule rejected.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: Evaluating selection
criteria for rule 'AccountTracking - update DirXMLAccounts attribute on
mapped operations'.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: (if-xpath true
"operation-data/account-tracking-operation") = FALSE.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: (if-xpath true
"operation-data/account-tracking-operation") = FALSE.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST: Rule rejected.
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST:Policy returned:
19:50:51 FFFFFFFFE14A7950 Drvrs: SK *** ST:
<nds dtdversion="1.1" ndsversion="8.7">
<source>
<product asn1id="" build="20100723_120000"
instance="\CENIDM\system\Cathed\Cathed Active Directory Driver"
version="3.5.11">AD</product>
<contact>Novell, Inc.</contact>
</source>
<output>
<status
event-id="cen-idm01#20120202115044#1#1:7a469332-8877-4d94-50a6-3293467a7788"
level="error" type="driver-general">
<ldap-err ldap-rc="21" ldap-rc-name="LDAP_INVALID_SYNTAX">
<client-err ldap-rc="21" ldap-rc-name="LDAP_INVALID_SYNTAX">Invalid
Syntax</client-err>
<server-err>00000057: LdapErr: DSID-0C090B38, comment: Error in
attribute conversion operation, data 0, vece</server-err>
<server-err-ex win32-rc="87"/>
</ldap-err>
19:50:51 FFFFFFFFE14A7950 Drvrs: <operation-data
AccountTracking-AccountStatusChanged="true"
AccountTracking-AppAccountStatus="-"
AccountTracking-IdvAccountStatus="A"
AccountTracking-LDAPDN="CN=Numendumah\,
Sonya,DC=cathednet,DC=wa,DC=edu,DC=au"
AccountTracking-ObjectDN="\CENIDM\data\users\Wanalirri Catholic
School\Numendumah.Sonya" AccountTracking-Operation="add"
AccountTracking-sAMAccountName="Numendumah.Sonya"
AccountTracking-userPrincipalName="Numendumah.Sonya@cathednet.wa.e du.au"
LEGACY-OBJECT="FALSE" NASurname="Numendumah" NEWUSER="TRUE"
Normalized-GivenName="Sonya" Normalized-MiddleName=""
Normalized-PreferredName="Sonya" Normalized-Surname="Numendumah"
UNIQUE-GN="Sonya" USER-ID="NUMESX"
accountAction="accountCreateByEntitlementGrant" association=""
check-exch-mailbox-entitlements="true" check-group-entitlements="true"
guid="en6qc2hdO0tvmXp+qnNoXQ==" objectClass="User" schoolName=""
sized-samaccountname-normalized="Numendumah.Sonya"
sourceDN="\CENIDM\data\users\Wanalirri Catholic
School\Numendumah.Sonya">
<entitlement-impl id="system\Cathed\Entitlement Policies\All Staff"
name="UserAccount" qualified-src-dn="O=data\OU=users\OU=Wanalirri
Catholic School\CN=Numendumah.Sonya" src="RBE"
src-dn="\CENIDM\data\users\Wanalirri Catholic School\Numendumah.Sonya"
src-entry-id="54258" state="1">cathednet.wa.edu.au</entitlement-impl>
<password-subscribe-status>
<association/>
</password-subscribe-status>
</operation-data>
</status>
<status
event-id="cen-idm01#20120202115044#1#1:7a469332-8877-4d94-50a6-3293467a7788"
level="warning" type="driver-general">
<ldap-err ldap-rc="32" ldap-rc-name="LDAP_NO_SUCH_OBJECT">
19:50:51 FFFFFFFFE14A7950 Drvrs: <client-err ldap-rc="32"
ldap-rc-name="LDAP_NO_SUCH_OBJECT">No Such Object</client-err>
<server-err>0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT),
data 0, best match of:
'DC=cathednet,DC=wa,DC=edu,DC=au'

Thanks

TM


--
TakaM
------------------------------------------------------------------------
TakaM's Profile: http://forums.novell.com/member.php?userid=103757
View this thread: http://forums.novell.com/showthread.php?t=451749