omldapsync problem with AD setup

cbandrew · Postby **cbandrew** » Wed Apr 26, 2006 11:52 am

Hello,

I am able to do an ldapsearch command against an AD server and get the correct info, however, when I add a user and run omldapsyc -i AD_SX1, run action 3 to update the directory and I get this error:
--------> Sending SOAP Request to Ubermanager@http://makin.wi.mit.edu/caa/ for method:AddUser
--------> Received SOAP Response from Ubermanager@http://makin.wi.mit.edu/caa/
error: Response contains failure report
>>>>>>>>SOAP Request
SOAP part:
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Header/>
<SOAP-ENV:Body>
<scalix-caa:CAARequestMessage xmlns:scalix-caa="http://www.scalix.com/caa">
<ServiceType>scalix.res</ServiceType>
<Credentials id="12345">
<Identity name="sxadmin@makin.wi.mit.edu" passwd="xxxxxxxx"/>
</Credentials>
<FunctionName>AddUser</FunctionName>
<AddUserParameters>
<user type="MAIL"/>
<mailNode name="makin,wi"/>
<userAttributes>
<entity name="FOREIGN-ADDR" value="CN=testscalix,CN=Users,DC=scalix,DC=wi,DC=mit,DC=edu"/>
<entity name="CN" value="testscalix"/>
<entity name="GLOBAL-UNIQUE-ID" value="MJqEHENviEi9sxnBOSWmvA=="/>
<entity name="ACCOUNT_STATUS" value="unlock"/>
<entity name="UL-AUTHID" value="testscalix@SCALIX.WI.MIT.EDU"/>
<entity name="UL-IL" value="AMERICAN"/>
<entity name="INTERNET-ADDR" value=""testscalix" <testscalix@wi.mit.edu>"/>
<entity name="UL-CLASS" value="FULL"/>
<entity name="ADMINISTERED-BY" value="ldapsync-AD_SX1"/>
</userAttributes>
</AddUserParameters>
</scalix-caa:CAARequestMessage>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
>>>>>>>>SOAP Response
SOAP part:
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Body>
<SOAP-ENV:Fault>
<faultcode>SOAP-ENV:Server</faultcode>
<faultstring>CAA Service Error</faultstring>
<detail>
<scalix-caa:fault-details xmlns:scalix-caa="http://www.scalix.com/caa">
<message>Malformed userAttributes element. It must have at least 'G' or 'S' or 'I' elements</message>
<errorcode>UM-1012</errorcode>
</scalix-caa:fault-details>
</detail>
</SOAP-ENV:Fault>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>

Are there a list of UM errror codes available?

thanks

Postby **ScalixSupport** » Wed Apr 26, 2006 12:02 pm

Malformed userAttributes element. It must have at least 'G' or 'S' or 'I' elements

This is key. It looks like there are no attributes that map to the Given, Surname or Initials.

Can you post the output from ldapsearch for that entry ?

Cheers

Dave

cbandrew · Postby **cbandrew** » Wed Apr 26, 2006 12:11 pm

this is the resoponse:

1scalixuser, Users, scalix.wi.mit.edu
dn: CN=1scalixuser,CN=Users,DC=scalix,DC=wi,DC=mit,DC=edu
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: 1scalixuser
givenName: 1scalixuser
distinguishedName: CN=1scalixuser,CN=Users,DC=scalix,DC=wi,DC=mit,DC=edu
instanceType: 4
whenCreated: 20060426160823.0Z
whenChanged: 20060426160855.0Z
displayName: 1scalixuser
uSNCreated: 24737
uSNChanged: 24754
name: 1scalixuser
objectGUID:: YkhKSk2gt0eEmmCezpyuxg==
userAccountControl: 66048
badPwdCount: 0
codePage: 0
countryCode: 0
badPasswordTime: 0
lastLogoff: 0
lastLogon: 0
pwdLastSet: 127905413034375000
primaryGroupID: 513
objectSid:: AQUAAAAAAAUVAAAANbe3DaQQKvuRjyJ/YgQAAA==
accountExpires: 9223372036854775807
logonCount: 0
sAMAccountName: 1scalixuser
sAMAccountType: 805306368
userPrincipalName: 1scalixuser@scalix.wi.mit.edu
objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=scalix,DC=wi,DC=mit,DC
=edu
mail: 1scalixuser@wi.mit.edu
scalixScalixObject: TRUE
scalixMailnode: makin,wi
scalixServerLanguage: AMERICAN
scalixEmailAddress: "1scalixuser" <1scalixuser@wi.mit.edu>
scalixMailboxClass: FULL

# search reference
ref: ldap://ForestDnsZones.scalix.wi.mit.edu ... alix,DC=wi
,DC=mit,DC=edu

# search reference
ref: ldap://DomainDnsZones.scalix.wi.mit.edu ... alix,DC=wi
,DC=mit,DC=edu

# search reference
ref: ldap://scalix.wi.mit.edu/CN=Configurati ... mit,DC=edu

# search result

Postby **ScalixSupport** » Wed Apr 26, 2006 12:17 pm

The first test you can do is to move the givenName value to the lastName field instead and see if that resolves it.

Cheers

Dave

cbandrew · Postby **cbandrew** » Wed Apr 26, 2006 1:14 pm

I tried moving the givenName to the lastName field. It seems to be working. thanks

Scalix Forums