Notes on IT (mainly Microsoft)

AdamSync Common problems

leave a comment »

Here’s a list I have kept of the common problems in attempting to use Adamsync:

[1]Schema mismatch. (Use ADSchemaAnalyzer)

[2]Target partition in Adamsync configuration does not exist in target ADAM. Note: target partition must be an NC head.

[3]MS-AdamSyncMetadata.ldf is not imported

[4]Source AD is W2K and so Replicating Directory Changes permission is not granted for sync account on source AD NC head.

[5]ObjectClass foo is not in the ADAM schema when target-object-class in the ADAMsync configuration is set to foo. foo is usually userProxy.

[6]If target-object-class in ADAMsync is userProxy then objectSID must be in the include element of the ADAMsync configuration.

[7]Account used for ADAMsync /install must be able to write to target ADAM application NC head.

[8]If source-ad-account element is used in the ADAMSync configuration then will probably need /passPrompt on the ADAMSync /install command line.

[9]If object-filter element in ADAMSync configuration uses objectCategory then problems can arise, in particular deletions in source AD will likely not be sync’ed.

[10]object-filter element in ADAMSync configuration needs:

and = “&” use &

or = “|” use  & #124;

not = “!” use & #33;

[11]Choice of target-dn restricts the children that can be sync’ed from AD through possSuperiors e.g. if you make your target-dn ou=something and your base-dn is a domain NC head dc=contoso,dc=com then CN=builtin under the domain NC head will cause a sync failure as OU is not a possSuperior of builtinDomain

[12]Not using /log on the ADAMsync /sync when hitting problems.

[13] Infinite loops in synchronization with Windows 2003 Adamsync

[14] Problems with Adamsync aging runs e.g. random objects may be renamed and then moved into the ADAM Lost and Found container. Aging has many problems and is best avoided.

See also How to troubleshoot an OBJ_CLASS_VIOLATION error in Adamsync in Windows Server 2003 or in Windows Server 2008


Written by adamsync

May 15, 2012 at 21:52

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: