LDAP dir sync import failed, error=2

rsigle · Postby **rsigle** » Thu Mar 02, 2006 12:41 pm

I have installed Scalix 10 on Redhat linux and I am trying to synchronize directory data between Exchange 2003 and Scalix.

I also receive the following errors:

failed to run omldapagent and 12 entries failed for add.curr

My users are not in the standard "users" ou in exchange. I just wanted to clarify that in case that is the problem.

Any suggestions would be helpful.

rsigle · Postby **rsigle** » Thu Mar 02, 2006 1:35 pm

I should also mention that scalix successfully imported the groups, but not users.

Postby **ScalixSupport** » Thu Mar 02, 2006 1:38 pm

You haven't posted any information that can help us.

Please can you post the relevant sections from the sync.log which shows the errors.

Cheers

Dave

rsigle · Postby **rsigle** » Thu Mar 02, 2006 1:47 pm

2006-03-02 10:16:07 STATUS: LDAP dir sync import exch started ###############
2006-03-02 10:16:07 STATUS: load all records from 10.10.1.253 ...
2006-03-02 10:16:09 INFO: work dir is /var/opt/scalix/ldapsync/exch/import
2006-03-02 10:16:09 STATUS: search source directory on 10.10.1.253 ...
2006-03-02 10:16:09 INFO: search base is ou=it,ou=chicago,dc=thinkorswim,dc=com
2006-03-02 10:16:10 INFO: ... 12 entries to check
2006-03-02 10:16:10 STATUS: find delta and perform mapping ...
2006-03-02 10:16:10 INFO: ... 0 entries to delete
2006-03-02 10:16:10 INFO: ... 12 entries to add
2006-03-02 10:16:10 INFO: ... 0 entries to modify
2006-03-02 10:16:10 STATUS: apply membdelete data against Scalix ...
2006-03-02 10:16:10 INFO: ... 0 entries passed for member.curr
2006-03-02 10:16:10 INFO: ... 0 entries failed for member.curr
2006-03-02 10:16:10 INFO: ... 0 entries warned for member.curr
2006-03-02 10:16:10 STATUS: apply delete data against Scalix ...
2006-03-02 10:16:11 INFO: ... 0 entries passed for delete.curr
2006-03-02 10:16:11 INFO: ... 0 entries failed for delete.curr
2006-03-02 10:16:11 INFO: ... 0 entries warned for delete.curr
2006-03-02 10:16:11 STATUS: apply add data against Scalix ...
--------> Sending SOAP Request to Ubermanager@http://scalix.test.thinkorswim.com/
caa/ for method:AddUser
--------> Received SOAP Response from Ubermanager@http://scalix.test.thinkorswim.
com/caa/
error: Response contains failure report
>>>>>>>>SOAP Request
SOAP part:
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Header/>
<SOAP-ENV:Body>
<scalix-caa:CAARequestMessage xmlns:scalix-caa="http://www.scalix.com/caa
">
<ServiceType>scalix.res</ServiceType>
<Credentials id="12345">
<Identity name="sxadmin@scalix.test.thinkorswim.com" passwd="xxxx
xxxx"/>
</Credentials>
<FunctionName>AddUser</FunctionName>
<ScalixServers>
<Host>scalix.test.thinkorswim.com</Host>
</ScalixServers>
<AddUserParameters>
<user type="INTERNET"/>
<mailNode name="internet,tnef"/>
<userAttributes>

2006-03-02 10:16:22 ERROR: failed to run omldapagent
--------> Sending SOAP Request to Ubermanager@http://scalix.test.thinkorswim.com/caa/ for method:AddUser
--------> Received SOAP Response from Ubermanager@http://scalix.test.thinkorswim.com/caa/
error: Response contains failure report
>>>>>>>>SOAP Request
SOAP part:
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Header/>
<SOAP-ENV:Body>
<scalix-caa:CAARequestMessage xmlns:scalix-caa="http://www.scalix.com/caa">
<ServiceType>scalix.res</ServiceType>
<Credentials id="12345">
<Identity name="sxadmin@scalix.test.thinkorswim.com" passwd="xxxxxxxx"/>
</Credentials>
<FunctionName>AddUser</FunctionName>
<ScalixServers>
<Host>scalix.test.thinkorswim.com</Host>
</ScalixServers>
<AddUserParameters>
<user type="INTERNET"/>
<mailNode name="internet,tnef"/>
<userAttributes>
<entity name="S" value="Sigle"/>
<entity name="CNTRY" value="US"/>
<entity name="L" value="Chicago"/>
<entity name="STATE-OR-PROVINCE" value="Illinois"/>
<entity name="POSTAL-CODE" value="60657"/>
<entity name="PD-OFFICE-NAME" value="Chicago"/>
<entity name="PHONE-1" value="773-435-3286"/>
<entity name="G" value="Rick"/>
<entity name="FOREIGN-ADDR" value="CN=Rick Sigle,OU=Operations,OU=IT,OU=Chicago,DC=thinkorswim,DC=com"/>
<entity name="CN" value="Rick Sigle"/>
<entity name="STREET-ADDRESS" value="3304 Lincoln Avenue"/>
<entity name="ALIAS" value="rick"/>
<entity name="GLOBAL-UNIQUE-ID" value="Z0FUuc+gSU+qnJDEJJe3Hg=="/>
<entity name="ACCOUNT_STATUS" value="unlock"/>
<entity name="UL-AUTHID" value="rick@THINKORSWIM.COM"/>
<entity name="INTERNET-ADDR" value="rick@thinkorswim.com"/>
<entity name="ADMINISTERED-BY" value="ldapsync-exch"/>
</userAttributes>
</AddUserParameters>
</scalix-caa:CAARequestMessage>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
>>>>>>>>SOAP Response
SOAP part:
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Body>
<SOAP-ENV:Fault>
<faultcode>SOAP-ENV:Server</faultcode>
<faultstring>CAA Service Error</faultstring>
<detail>
<scalix-caa:fault-details xmlns:scalix-caa="http://www.scalix.com/caa">
<message>CN=Rick Sigle/G=Rick/S=Sigle/OU1=internet/OU2=tnef/UL-AUTHID=rick@THINKORSWIM.COM/POSTAL-CODE=60657/FOREIGN-ADDR=CN\=Rick Sigle,OU\=Operations,OU\=IT,OU\=Chicago,DC\=thinkorswim,DC\=com/PD-OFFICE-NAME=Chicago/L=Chicago/STREET-ADDRESS=3304 Lincoln Avenue/ADMINISTERED-BY=ldapsync-exch/ACCOUNT_STATUS=unlock/PHONE-1=773-435-3286/STATE-OR-PROVINCE=Illinois/ALIAS=rick/CNTRY=US/GLOBAL-UNIQUE-ID=Z0FUuc+gSU+qnJDEJJe3Hg\=\=/INTERNET-ADDR=rick@thinkorswim.com [OM 16073] Unknown attribute specified. Parameter : Entry Attribute : ACCOUNT_STATUS :scalix.test.thinkorswim.com</message>
<errorcode>OM 16073</errorcode>
</scalix-caa:fault-details>
</detail>
</SOAP-ENV:Fault>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
0 entries passed
1 entries failed
0 entries warned
2006-03-02 10:16:23 ERROR: failed to run omldapagent
2006-03-02 10:16:23 INFO: ... 0 entries passed for add.curr
2006-03-02 10:16:23 INFO: ... 12 entries failed for add.curr
2006-03-02 10:16:23 INFO: ... 0 entries warned for add.curr
2006-03-02 10:16:23 STATUS: apply limit data against Scalix ...
2006-03-02 10:16:24 INFO: ... 0 entries passed for add.curr
2006-03-02 10:16:24 INFO: ... 0 entries failed for add.curr
2006-03-02 10:16:24 INFO: ... 0 entries warned for add.curr
2006-03-02 10:16:24 STATUS: apply modify data against Scalix ...
2006-03-02 10:16:24 INFO: ... 0 entries passed for modify.curr
2006-03-02 10:16:24 INFO: ... 0 entries failed for modify.curr
2006-03-02 10:16:24 INFO: ... 0 entries warned for modify.curr
2006-03-02 10:16:24 STATUS: apply limit data against Scalix ...
2006-03-02 10:16:24 INFO: ... 0 entries passed for modify.curr
2006-03-02 10:16:24 INFO: ... 0 entries failed for modify.curr
2006-03-02 10:16:24 INFO: ... 0 entries warned for modify.curr
2006-03-02 10:16:24 STATUS: apply membadd data against Scalix ...
2006-03-02 10:16:25 INFO: ... 0 entries passed for member.curr
2006-03-02 10:16:25 INFO: ... 0 entries failed for member.curr
2006-03-02 10:16:25 INFO: ... 0 entries warned for member.curr
2006-03-02 10:16:25 STATUS: apply membmodify data against Scalix ...
2006-03-02 10:16:26 INFO: ... 0 entries passed for member.curr
2006-03-02 10:16:26 INFO: ... 0 entries failed for member.curr
2006-03-02 10:16:26 INFO: ... 0 entries warned for member.curr
2006-03-02 10:16:26 STATUS: LDAP dir sync import failed, error=2 ###########
2006-03-02 10:16:26 STATUS: LDAP dir sync export exch started ###############
2006-03-02 10:16:26 STATUS: load all records from scalix.test.thinkorswim.com ...
2006-03-02 10:16:26 INFO: agreement type 11 only supports import operation
2006-03-02 10:16:26 STATUS: LDAP dir sync export exch completed #############

Postby **ScalixSupport** » Thu Mar 02, 2006 3:41 pm

We encountered this recently and a bug report has been logged to address this. What it comes down to is that the ACCOUNT_STATUS should not be present for internet users.

I need to do some investigation as there may be a workaround to use the attribute based on the presence of others but, if you are only using omldapsync to import internet users, i.e. you are not managing Scalix users from AD, you can remove reference to ACCOUNT_STATUS from the mapping table in your sync agreement.

Cheers

Dave

rsigle · Postby **rsigle** » Thu Mar 02, 2006 3:45 pm

I am currently evaluating scalix. My plan was to migrate some users over to scalix, in which case, they would be internet users (from what I understand). Eventually, I would like to manage/authenticate users against AD. If I remove this attribute at this time, will I need to re-import the user data when the bug is fixed?

Thanks,

Rick

kevinsweeney · Postby **kevinsweeney** » Wed Mar 29, 2006 1:02 pm

What is the status of this bug. We are also evaluating Scalix for our company but will need this to work correctly.

florian · Postby **florian** » Tue Jul 04, 2006 6:06 am

The bug will be fixed in the next major scalix release.

As a workaround, remove the mapping for ACCOUNT_STATUS by deleting the two lines

userAccountControl|ACCOUNT_STATUS|*,1,10!FLAGUNSET=2|unlock
userAccountControl|ACCOUNT_STATUS|*,1,10!FLAGISSET=2|lock

from your sync.cfg file and also removing the source attribute userAccountControl from the list of extractable attributes in EX_ATTR.

Hope this helps,
Florian.

Scalix Forums

LDAP dir sync import failed, error=2

LDAP dir sync import failed, error=2

Additional info

sync.log

Who is online