Hi,

we're using the Password Sync filter for one of our AD drivers. Password
synchronization works fine as the filter is installed on all three
domain controllers. A strange problem was raised as we set up a second
remote loader on another domain controller. What we wanted to get was
manual fail over - as one domain controller goes down - we wanted to
semi-automatically switch the IP/FQDN of the Remote Loader for this
driver in IDM. This worked great for normal attribute synchronization,
but as soon as the driver is started on the second DC (after stopping it
on the first one, and changing the address in the driver configuration),
OLD password change events (that seem to have been cached on the
machine) are synced again. When we did this for the first time exactly
100 password changes were logged (I see them in Nsure Audit). It seems
as if the maximum number of cached password changes is 100?

Is it possible to make the password filter aware of a fail-over remote
loader? why does each remote loader hold it's own cache for password
changes? I red through the documentation
(<http://www.novell.com/documentation/idm35drivers/ad/index.html?page=/documentation/idm35drivers/ad/data/bktitle.html>)
- we used the way described in "7.5.1 Allowing Remote Access to the
Registry" to setup the filter. In section 7.5.2 step 8 at the end of the
document there is shown a way to define the host on which the driver is
running - it seems to be possible to add more than one server (running
the remote loader) here - though it's not documented - is this a way to
solve our scenario wtih two remote loaders?

I'd be thankfull for any advice!



DirXML: [05/06/08 16:22:40.48]: Loader: Received document from
publicationShim
DirXML: [05/06/08 16:22:40.48]: Loader: XML Document:
DirXML: [05/06/08 16:22:40.48]: <nds dtdversion="2.2">
<source>
<product version="3.5.10.20070918 ">DirXML</product>
<contact>Novell, Inc.</contact>
</source>
<input>
<modify-password event-id="G3-7-AD-UMG##119be9cd963##0"
class-name="user" src-dn="CN=admin\, bode,OU=Benutzer -
ITSC,OU=IT-Service-Center,OU=Benutzer,OU=G3-76
IT-Service-Center,OU=Sachgebiete,OU=G3-7 Informationstechnologie,OU=V3
Wirtschaftsführung und
Administration,OU=UKG,DC=UMG,DC=BE-MRZ,DC=MED,DC=UNI-GOETTINGEN,DC=DE">
<association>e220548bbaf7114796ae63e70112adb9</association>
<password><!-- content suppressed --></password>
</modify-password>
</input>
</nds>
DirXML: [05/06/08 16:22:42.01]: Loader: Received 'publisher reply' document
DirXML: [05/06/08 16:22:42.01]: Loader: XML Document:
DirXML: [05/06/08 16:22:42.01]: <nds dtdversion="3.5" ndsversion="8.x">
<source>
<product version="3.5.10.20070918 ">DirXML</product>
<contact>Novell, Inc.</contact>
</source>
<output>
<status event-id="pwd-publish" level="success"><operation-data>
<password-publish-status>
<association>e220548bbaf7114796ae63e70112adb9</association>
</password-publish-status>
</operation-data>
<application>DirXML</application>
<module>G3-7-AD-UMG</module>
<object-dn>CN=admin\, bode,OU=Benutzer -
ITSC,OU=IT-Service-Center,OU=Benutzer,OU=G3-76
IT-Service-Center,OU=Sachgebiete,OU=G3-7 Informationstechnologie,OU=V3
Wirtschaftsführung und
Administration,OU=UKG,DC=UMG,DC=BE-MRZ,DC=MED,DC=UNI-GOETTINGEN,DC=DE
(GOESTERN\UKG\V3\G3-7\Sachgebiete\G3-76\Benutzer\IT-Service-Center\Benutzer\GOESTERN-0146275)</object-dn>
<component>Publisher</component>
</status>
</output>
</nds>
DirXML: [05/06/08 16:22:42.01]: Loader: DirXML returned:
DirXML: [05/06/08 16:22:42.01]: Loader: XML Document:
DirXML: [05/06/08 16:22:42.01]: <nds dtdversion="3.5" ndsversion="8.x">
<source>
<product version="3.5.10.20070918 ">DirXML</product>
<contact>Novell, Inc.</contact>
</source>
<output>
<status event-id="pwd-publish" level="success"><operation-data>
<password-publish-status>
<association>e220548bbaf7114796ae63e70112adb9</association>
</password-publish-status>
</operation-data>
<application>DirXML</application>
<module>G3-7-AD-UMG</module>
<object-dn>CN=admin\, bode,OU=Benutzer -
ITSC,OU=IT-Service-Center,OU=Benutzer,OU=G3-76
IT-Service-Center,OU=Sachgebiete,OU=G3-7 Informationstechnologie,OU=V3
Wirtschaftsführung und
Administration,OU=UKG,DC=UMG,DC=BE-MRZ,DC=MED,DC=UNI-GOETTINGEN,DC=DE
(GOESTERN\UKG\V3\G3-7\Sachgebiete\G3-76\Benutzer\IT-Service-Center\Benutzer\GOESTERN-0146275)</object-dn>
<component>Publisher</component>
</status>
</output>
</nds>
DirXML: [05/06/08 16:22:42.01]:
DirXML Log Event -------------------
Driver = \GOESTERN\GWDG\GOESTERN DriverSet\G3-7-AD-UMG
Thread = Publisher Channel
Level = success
Message = <operation-data>
<password-publish-status>
<association>e220548bbaf7114796ae63e70112adb9</association>
</password-publish-status>
</operation-data>
<application>DirXML</application>
<module>G3-7-AD-UMG</module>
<object-dn>CN=admin\, bode,OU=Benutzer -
ITSC,OU=IT-Service-Center,OU=Benutzer,OU=G3-76
IT-Service-Center,OU=Sachgebiete,OU=G3-7 Informationstechnologie,OU=V3
Wirtschaftsf&#xFC;hrung und
Administration,OU=UKG,DC=UMG,DC=BE-MRZ,DC=MED,DC=UNI-GOETTINGEN,DC=DE
(GOESTERN\UKG\V3\G3-7\Sachgebiete\G3-76\Benutzer\IT-Service-Center\Benutzer\GOESTERN-0146275)</object-dn>
<component>Publisher</component>
DirXML: [05/06/08 16:22:42.01]: ADDriver:
MadPublisherPassSync:rocessPassSyncEntries() clearing user admin_bode
password