Re: Good afternoon Mike,

Mike Lydick · ‎07-21-2015

We are trying to use MS AD LDS on Windows Server 2012 to replicated users from a Windows 2008 Domain Controller. I have the users replicated into the AD LDS server and all the common AD attributes are populated into the user objects. When I integrated the CUCM server LDAP directory to the LDS server I get no users imported. Trace of the dirsync service has the following errors:

2015-07-21 19:21:17,030 ERROR [DirSync-DBInterface] common.DSDBInterface (DSDBInterface.java:530) - DSDBInterface.updateUserInfo LDAP data discarded: Missing LDAP attribute: Attribute Count=1 AgreementId=a349db20-db98-6881-b0b3-acd05f58db2d

[uniqueidentifier]

2015-07-21 19:21:17,033 ERROR [DirSync-DBInterface] common.DSDBInterface (DSDBInterface.java:530) - DSDBInterface.updateUserInfo LDAP data discarded: Missing LDAP attribute: Attribute Count=1 AgreementId=a349db20-db98-6881-b0b3-acd05f58db2d

[uniqueidentifier]

2015-07-21 19:21:50,916 ERROR [DSLDAPSyncImpl(a349db20-db98-6881-b0b3-acd05f58db2d)] ldapplugable.DSLDAPSyncImpl (DSLDAPSyncImpl.java:1761) - LDAPSync(a349db20-db98-6881-b0b3-acd05f58db2d)[getInvocationId] caught exception ... [LDAP: error code 32 - 0000208D: NameErr: DSID-03152709, problem 2001 (NO_OBJECT), data 0, best match of:

'CN=Configuration,CN={849DE2E7-27D5-4B17-9D69-A050626A7AA5}']

2015-07-21 19:21:50,917 ERROR [DSLDAPSyncImpl(a349db20-db98-6881-b0b3-acd05f58db2d)] ldapplugable.DSLDAPSyncImpl (DSLDAPSyncImpl.java:1762) - LDAPSync(a349db20-db98-6881-b0b3-acd05f58db2d)[getInvocationId] javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-03152709, problem 2001 (NO_OBJECT), data 0, best match of:'CN=Configuration,CN={849DE2E7-27D5-4B17-9D69-A050626A7AA5}']; remaining name 'CN=NTDS Settings,CN=AD-LDS$Multiforest,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,CN={849DE2E7-27D5-4B17-9D69-A050626A7AA5}'

MESSAGE [LDAP: error code 32 - 0000208D: NameErr: DSID-03152709, problem 2001 (NO_OBJECT), data 0, best match of:

'CN=Configuration,CN={849DE2E7-27D5-4B17-9D69-A050626A7AA5}'

These errors appear to indicate that a required field is not configured. The last name field has been populated. Has anyone been successful with getting AD LDS integrated with CUCM LDAP. Any pointers?

Mike

Mohammed al Baqari · ‎07-21-2015

Hi,

In your directory integration in CUCM, look for the mandatory fields and make sure that you are filling them in AD.

Also, please look at RTMT traces for Directory service and share them with us to see which attribute is missing.

What is the LDAP attribute used for User ID in your CUCM configuration? This has to be filled in AD user attributes.

Mike Lydick · ‎07-22-2015

I was just looking at the logs again and I do not see any of the accounts that I expect to import listed in dirsync00007.txt.

I have provided the log file with the CUCM Directory Configuration and user attributes.

The only thing that looked odd was the 'sourceObjectGuid' attribute.

dianareyes · ‎09-19-2016

Good afternoon Mike,

Did you ever find a resolution for this issue? I'm receiving the same LDAP: error code 32, however we've been LDAP integrated for over 1 year. This RTMT syslog was just triggered about 1 week ago.... no LDAP changes that I know of took place...

Any suggestions or guidance will be greatly appreciated!

Thank you,

Diana

Anil Sharma · ‎06-18-2018

Hi there,
Were u able to fix this ?
I am also facing same issue, any guidance please. Thank u

zerocool443 · ‎08-28-2018

zerocool443 · ‎08-28-2018

Did you find the root cause for those LDAP errors(Error code 32).

CUCM 10.5 and Microsoft AD LDS