Hi All,

Having a problem here with a handful of users unable to synchronise
their password from AD to eDirectory.

The client had to reimport an AD Driver due to some replica problems
they were having. This lost all user associations. New users worked
fine, however current users were failing on modify. Understandable.

So we have recreated the association through a full user migration to
the Vault. This rebuilt all associations and modify's started working
again.

However, users who attempted password changes whilst there was no
associations are now unable to sync, even with their associations now in
tact.

The initial output from trace was the following:

DirXML Log Event -------------------
Driver: \PT-NDS\PTO\IDM3_Drivers_3K11\PT-AD-Driver
Channel: Publisher
Object: CN=Test
User,OU=PT-Users-Groups,DC=pt,DC=qld,DC=gov,DC=au
(PTO\PT-Users-Groups\testacc)
Status: Error
Message: Code(-9010) An exception occurred:
novell.jclient.JCException: generateKeyPair -632 ERR_SYSTEM_FAILURE


A policy was added to the driver to manually populate the
nspmdistributionpassword in the command transformation. However this
output the following from the driver:


[04/09/09 16:49:54.437]: PT-AD-Driver PT: Filtering out
notification-only attributes.
[04/09/09 16:49:54.437]: PT-AD-Driver PT: Pumping XDS to eDirectory.
[04/09/09 16:49:54.437]: PT-AD-Driver PT: Performing operation modify
for PTO\PT-Users-Groups\testacc.
[04/09/09 16:49:54.437]: PT-AD-Driver PT: Modifying entry
PTO\PT-Users-Groups\testacc.
[04/09/09 16:49:54.546]: PT-AD-Driver PT:
DirXML Log Event -------------------
Driver: \PT-NDS\PTO\IDM3_Drivers_3K11\PT-AD-Driver
Channel: Publisher
Object: CN=Test
User,OU=PT-Users-Groups,DC=pt,DC=qld,DC=gov,DC=au
(PTO\PT-Users-Groups\testacc)
Status: Success
[04/09/09 16:49:54.546]: PT-AD-Driver PT:
DirXML Log Event -------------------
Driver: \PT-NDS\PTO\IDM3_Drivers_3K11\PT-AD-Driver
Channel: Publisher
Object: CN=Test
User,OU=PT-Users-Groups,DC=pt,DC=qld,DC=gov,DC=au
(PTO\PT-Users-Groups\testacc)
Status: Warning
Message: Code(-8021) Unable to set NMAS password, -1418.
[04/09/09 16:49:54.546]: PT-AD-Driver PT:
DirXML Log Event -------------------
Driver: \PT-NDS\PTO\IDM3_Drivers_3K11\PT-AD-Driver
Channel: Publisher
Object: CN=Test
User,OU=PT-Users-Groups,DC=pt,DC=qld,DC=gov,DC=au
(PTO\PT-Users-Groups\testacc)
Status: Warning
Message: Code(-8021) Unable to set NMAS password,
com.novell.nds.dhutil.DSErr: -1418 (0xfffffa76).





Anyone have any similar issues, if so, any help would be greatly
appreciated.

Cheers

dbligh


--
dbligh
------------------------------------------------------------------------
dbligh's Profile: http://forums.novell.com/member.php?userid=9141
View this thread: http://forums.novell.com/showthread.php?t=368858