Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1125
Views
3
Helpful
4
Replies

Privisionig directory AD synchronization in TMS

maciej_wilk
Level 1
Level 1

‎07-07-2011 05:50 AM - edited ‎03-17-2019 10:22 PM

Hi everyone,

Does anyone know what could cause the external source configuration not  to synchronize with AD even though it is set up correctly and connected?

Maybe you know what permissions in AD does the user for synchronization need to have?

The only thing in documentation is "Cisco recommends that this user be  the Service Account and that password retention policies are not applied  to it."

Kind regards

Maciek

Labels:
0 Helpful
4 Replies 4

Martin Koch
VIP Alumni
VIP Alumni

‎07-20-2011 02:20 PM

There are many points :-)

* firewall / network issue

* configuration issue on the TMS

* wrong user / password

* wrong dn / search space

* wrong permissions

* ...

In general it needs permission to read the user DN values which are listed in the provisioning guide.

helpful tools are an ldap browser and a packet analyzer and some ad/ldap knowledge

Please remember to rate helpful responses and identify

0 Helpful

maciej_wilk
Level 1
Level 1
In response to Martin Koch

‎07-21-2011 10:20 AM

If anyone has a similar issue, the resolution is to disable replication and reinstall the OpenDS database on the VCS.

Very strange, but it worked..

Martin Koch
VIP Alumni
VIP Alumni
In response to maciej_wilk

‎07-22-2011 12:06 AM

Do you remember if you saw a specific error message (either in the Prov. Dir. or on the TMS Agent diagnostics)

on the TMS webinterface or in the logs?

To do a manual sync and then get some more info on how the output looks sounds like a good idea in this case.

When you have such an issue like you had, I would also expect that the TMS agent diagnostics would have given you an error.

Good that you fixed it! Is it possible to select your own answer as the answer for a thread? Then you should .-)

Please remember to rate helpful responses and identify

0 Helpful

maciej_wilk
Level 1
Level 1
In response to Martin Koch

‎07-22-2011 05:22 AM

Martin, it's not possible

It was strange because the TMS Agent diagnostics showed no errors..

The only thing I remember was the prompt at the beginning of synchronization "This is job number..." and there was no number. So it might have indicated an issue with not being able to retrieve the info from the database.

But besides that everything was ok.

0 Helpful
Customers Also Viewed These Support Documents