07-21-2015 07:11 PM - edited 03-17-2019 03:43 AM
We are trying to use MS AD LDS on Windows Server 2012 to replicated users from a Windows 2008 Domain Controller. I have the users replicated into the AD LDS server and all the common AD attributes are populated into the user objects. When I integrated the CUCM server LDAP directory to the LDS server I get no users imported. Trace of the dirsync service has the following errors:
2015-07-21 19:21:17,030 ERROR [DirSync-DBInterface] common.DSDBInterface (DSDBInterface.java:530) - DSDBInterface.updateUserInfo LDAP data discarded: Missing LDAP attribute: Attribute Count=1 AgreementId=a349db20-db98-6881-b0b3-acd05f58db2d [uniqueidentifier]
2015-07-21 19:21:17,033 ERROR [DirSync-DBInterface] common.DSDBInterface (DSDBInterface.java:530) - DSDBInterface.updateUserInfo LDAP data discarded: Missing LDAP attribute: Attribute Count=1 AgreementId=a349db20-db98-6881-b0b3-acd05f58db2d [uniqueidentifier]
2015-07-21 19:21:50,916 ERROR [DSLDAPSyncImpl(a349db20-db98-6881-b0b3-acd05f58db2d)] ldapplugable.DSLDAPSyncImpl (DSLDAPSyncImpl.java:1761) - LDAPSync(a349db20-db98-6881-b0b3-acd05f58db2d)[getInvocationId] caught exception ... [LDAP: error code 32 - 0000208D: NameErr: DSID-03152709, problem 2001 (NO_OBJECT), data 0, best match of: 'CN=Configuration,CN={849DE2E7-27D5-4B17-9D69-A050626A7AA5}']
2015-07-21 19:21:50,917 ERROR [DSLDAPSyncImpl(a349db20-db98-6881-b0b3-acd05f58db2d)] ldapplugable.DSLDAPSyncImpl (DSLDAPSyncImpl.java:1762) - LDAPSync(a349db20-db98-6881-b0b3-acd05f58db2d)[getInvocationId] javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-03152709, problem 2001 (NO_OBJECT), data 0, best match of:'CN=Configuration,CN={849DE2E7-27D5-4B17-9D69-A050626A7AA5}']; remaining name 'CN=NTDS Settings,CN=AD-LDS$Multiforest,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,CN={849DE2E7-27D5-4B17-9D69-A050626A7AA5}' MESSAGE [LDAP: error code 32 - 0000208D: NameErr: DSID-03152709, problem 2001 (NO_OBJECT), data 0, best match of: 'CN=Configuration,CN={849DE2E7-27D5-4B17-9D69-A050626A7AA5}'
These errors appear to indicate that a required field is not configured. The last name field has been populated. Has anyone been successful with getting AD LDS integrated with CUCM LDAP. Any pointers?
Mike
07-21-2015 08:36 PM
Hi,
In your directory integration in CUCM, look for the mandatory fields and make sure that you are filling them in AD.
Also, please look at RTMT traces for Directory service and share them with us to see which attribute is missing.
What is the LDAP attribute used for User ID in your CUCM configuration? This has to be filled in AD user attributes.
07-22-2015 07:47 AM
I was just looking at the logs again and I do not see any of the accounts that I expect to import listed in dirsync00007.txt.
I have provided the log file with the CUCM Directory Configuration and user attributes.
The only thing that looked odd was the 'sourceObjectGuid' attribute.
09-19-2016 01:14 PM
Good afternoon Mike,
Did you ever find a resolution for this issue? I'm receiving the same LDAP: error code 32, however we've been LDAP integrated for over 1 year. This RTMT syslog was just triggered about 1 week ago.... no LDAP changes that I know of took place...
Any suggestions or guidance will be greatly appreciated!
Thank you,
Diana
06-18-2018 11:39 AM
08-28-2018 12:17 PM - edited 08-28-2018 12:20 PM
08-28-2018 12:17 PM - edited 08-28-2018 12:18 PM
Did you find the root cause for those LDAP errors(Error code 32).
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide