I'm sure I'm missing something obvious

Created a new user, it synced to AD (it goes from prod tree to vault
tree to AD)
Changed password, but it didn't sync

I look at the DS Trace on the production eDir and see this:

14:11:59 96B12BA0 Drvrs: Production-IDM-Edir ST:Start transaction.
14:11:59 96B12BA0 Drvrs: Production-IDM-Edir STiscarding transaction
because of disabled association.

Nothing syncs for this user (only) from the eDir tree to the Vault
Tree. The account is not disabled (anymore) in AD.

If I check in iManager, the IDM association state shows disabled for
this user for the eDir to eDir driver

But, in the vault tree, it shows processed for eDir to eDir and
processed for AD driver.

I can't remember what causes a driver state to show disabled for only
one user (all others are fine).

All we require for creation to AD is simply:
userid
first name
last name

If I create a new user with just that info (and of course, assign it a
password), it works fine.

???


--
kjhurni
------------------------------------------------------------------------
kjhurni's Profile: http://forums.novell.com/member.php?userid=734
View this thread: http://forums.novell.com/showthread.php?t=385276