[There is another post with this title, but nobody updated it]

This is what I had as my setup:

IDM 3.5.1/eDir8.8.1 === (SSL) ===> Win 2K3 AD + RL

We are trying to move to this:

IDM 3.5.1/eDir8.8.1 ===(SSL)===> Win 2K3 Member Server with RL
===(Non-SSL)===> Win 2K8 AD

The connection between the member server and the domain controller will
be over SSL (it just has not been done yet).

The driver configuration I was using worked without any problem in the
previous environment. I have made the necessary changes (that I know)
to be able to use the same driver configuration in the new server
layout. The driver comes up. I am able to refresh the application
schema. I was able to synchronize a group. However, I am having issues
synchronizing users.

If a user does not exist in the domain, when the user changes his/her
password, the user does not get created and the trace shows a message

"<status event-id="pwd-subscribe" level="error"
type="driver-general">Could not set password via platform call. Err=2221
(user not found)<operation-data>

If I try to migrate a user through the migration option in the driver, I
get the following error message

Message: <ldap-err ldap-rc="53"
<client-err ldap-rc="53"
ldap-rc-name="LDAP_UNWILLING_TO_PERFORM">Unwilling To
<server-err>00000057: LdapErr: DSID-0C041FB6, comment: Error in
attribute conversion operation, data 0, v1771</server-err>
<server-err-ex win32-rc="87"/>

Any thoughts on what I could be missing or doing wrong? I can submit
a trace with more detailed information.

|Filename: trace-password-error.log |
|Download: http://forums.novell.com/attachment....achmentid=1861 |

