The following is a trace from the Remote Loader of what I hope is an
oddity in AD. The first document shows that a User is being added to a
group in AD, and the last document shows that AD is sending back an
event removing everyone except the John Doe who was just added. I'm at
a loss as to why it would do that. We've just done an upgrade to IDM
3.5.1 from IDM 3.0 so that's one possible culprit, but it doesn't seem
likely from the information below. Help appreciated as always, and
more information is available on request.

DirXML: [06/09/08 15:07:20.17]: Loader: XML Document:
DirXML: [06/09/08 15:07:20.17]: <nds dtdversion="3.5"
ndsversion="8.x">
<source>
<product version="3.5.10.20070918 ">DirXML</product>
<contact>Novell, Inc.</contact>
</source>
<input>
<modify cached-time="20080609200754.102Z"
class-name="group" event-id="Active Directory Domain#Publisher#0"
qualified-src-dn="O=Lab\OU=Groups-Domain\CN=FIAP-Scanner"
src-dn="\VAULT\Lab\Groups-Domain\FIAP-Scanner" src-entry-id="47088"
timestamp="1213042074#1">
<association
state="associated">1cc371e2381e38448bc9d4f505b1c78 7</association>
<modify-attr attr-name="member">
<add-value>
<value
association-ref="406bc6b74acc7a419169422b1eb9a8c0"
timestamp="1213042074#1" type="dn">\VAULT\Lab\New\testUser</value>
</add-value>
</modify-attr>
</modify>
</input>
</nds>
DirXML: [06/09/08 15:07:20.17]: ADDriver: parse command

className group
destDN
eventId Active Directory Domain#Publisher#0
association 1cc371e2381e38448bc9d4f505b1c787
DirXML: [06/09/08 15:07:20.17]: ADDriver: parse modify class = group
DirXML: [06/09/08 15:07:20.17]: ADDriver: association
DirXML: [06/09/08 15:07:20.17]: ADDriver:
1cc371e2381e38448bc9d4f505b1c787
DirXML: [06/09/08 15:07:20.17]: ADDriver: modify-attr
DirXML: [06/09/08 15:07:20.17]: ADDriver: add-value
DirXML: [06/09/08 15:07:20.17]: ADDriver: value
DirXML: [06/09/08 15:07:20.17]: ADDriver:
\VAULT\Lab\New\testUser
DirXML: [06/09/08 15:07:20.18]: ADDriver: ldap_modify group
CN=FIAP-Scanner,OU=Employees,OU=IDM,DC=testDomain,DC=local
LDAPMod operations:
add attribute member
>> CN=John Doe,OU=Employees,OU=IDM,DC=testDomain,DC=local

DirXML: [06/09/08 15:07:20.23]: Loader: subscriptionShim->execute()
returned:
DirXML: [06/09/08 15:07:20.23]: Loader: XML Document:
DirXML: [06/09/08 15:07:20.23]: <nds ndsversion="8.7"
dtdversion="1.1">
<source>
<product version="3.5.1" asn1id=""
build="20070823_095000" instance="\VAULT\Lab\Services\DirXML\Active
Directory testDomain">AD</product>
<contact>Novell, Inc.</contact>
</source>
<output>
<status level="success" event-id="Active Directory
Domain#Publisher#0"/>
</output>
</nds>
DirXML: [06/09/08 15:07:20.23]:
DirXML Log Event -------------------
Driver = \VAULT\Lab\Services\DirXML\Active Directory testDomain
Thread = Subscriber Channel
Object = \VAULT\Lab\Groups-Domain\FIAP-Scanner
Level = success
DirXML: [06/09/08 15:07:29.62]: ADDriver: Publisher Poll
DirXML: [06/09/08 15:07:29.64]: ADDriver: get object changes - 0x0000
DirXML: [06/09/08 15:07:29.64]: ADDriver: process object change entry
DirXML: [06/09/08 15:07:29.64]: ADDriver: Processing change from AD:
isDeleted: NULL, whenCreated NULL, name NULL
DirXML: [06/09/08 15:07:29.64]: ADDriver: Publisher MODIFY
DirXML: [06/09/08 15:07:29.64]: ADDriver: Publisher Modify-
effectiveClassQuery
dn=CN=FIAP-Scanner,OU=Employees,OU=IDM,DC=testDomain,DC=local
className=group
DirXML: [06/09/08 15:07:29.64]: ADDriver: description
DirXML: [06/09/08 15:07:29.64]: ADDriver: displayName
DirXML: [06/09/08 15:07:29.64]: ADDriver: managedBy
DirXML: [06/09/08 15:07:29.64]: ADDriver: Publisher Modify- Linked
Attribute
dn=CN=FIAP-Scanner,OU=Employees,OU=IDM,DC=testDomain,DC=local
className=group
DirXML: [06/09/08 15:07:29.64]: ADDriver: SUCCESS...
remove-all-values, modify-attr, and add-value elements
successfully added to document.
DirXML: [06/09/08 15:07:29.64]: ADDriver: member
(linked attribute)
DirXML: [06/09/08 15:07:29.64]: ADDriver: physicalDeliveryOfficeName
DirXML: [06/09/08 15:07:29.64]: Loader: Received document from
publicationShim
DirXML: [06/09/08 15:07:29.64]: Loader: XML Document:
DirXML: [06/09/08 15:07:29.64]: <nds dtdversion="2.2">
<source>
<product version="3.5.10.20070918 ">DirXML</product>
<contact>Novell, Inc.</contact>
</source>
<input>
<modify class-name="group" event-id="0"
src-dn="CN=FIAP-Scanner,OU=Employees,OU=IDM,DC=testDomain,DC=local ">

<association>1cc371e2381e38448bc9d4f505b1c787</association>
<modify-attr attr-name="member">
<remove-all-values/>
<add-value>
<value type="dn"
association-ref="406bc6b74acc7a419169422b1eb9a8c0"
naming="false">CN=John Doe,OU=Employees,OU=I
DM,DC=testDomain,DC=local</value>
</add-value>
</modify-attr>
</modify>
</input>
</nds>


--
nate_spears
------------------------------------------------------------------------
nate_spears's Profile: http://forums.novell.com/member.php?userid=7564
View this thread: http://forums.novell.com/showthread.php?t=333390