服务器 Gind.cn
  1. 服务器 Gind.cn
  3. adamsync.exe /同步失败,“命名冲突”
Intereting Posts
低CPU和内存利用率。 这是否意味着服务器是健康的? 独立单线程优化服务器vs VM在VMWare上运行 * .domain.local在我的/ etc / hosts中 如何在Windows Server 2003 r2盒子上提供CXML文件? 为什么我在Solaris 10中仍然有大量的可用内存时遇到与交换空间相关的错误? 无法在ubuntu中更新MYSQL启动设置 傀儡在UI中主机组上运行导致:无法应用目录:损坏的pipe道 – <STDOUT> Nginx位置重写规则匹配GeoIP标头值 我刚刚被黑客入侵吗? (入侵警报,已知的黑客电子邮件被标记为Thunderbird中的电子邮件的收件人) PostgreSQL:允许执行函数(插入到表中),但没有权限直接插入 使用Office 365设置单点login的问题 划分挑战 神秘的打印分隔符页面 GPO刷新错误 – 策略刷新没有在预期的时间内完成。 退出 openldap确保密码不包含用户名

adamsync.exe /同步失败,“命名冲突”

我试图与AD DS条目同步我的AD LDS实例(本地主机:50006)(基本上试图从AD DS中获取用户和计算机帐户,以便我可以在我的LDS实例中使用Windows安全主体)。 我一直在跟随http://technet.microsoft.com/en-us/library/cc770408.aspx和_http://blogs.msdn.com/b/jeff/archive/2007/04/01/synchronize-active-目录到adam与adamsync-step-by-step.aspx做同步,并得到Ldap错误发生。 ldap_add_sW:命名违规。 扩展信息:00002099:NameErr:DSID-030510C6,问题2005(NAMING_VIOLATION),数据0,最好匹配:'CN = Test,DC = COM'

任何想法如何分析或debugging真的有用:)(请参阅下面的所有细节)

更新

看起来像我需要更新架构与posssuperiors( http://blogs.technet.com/b/efleis/archive/2005/09/14/syncing-to-our-ou-synctargetou-nc-instead.aspx )。 我会更新你的工作。

来自日志的错误细节 

Processing Entry: Page 1, Frame 1, Entry 48, Count 1, USN 0 Processing source entry <guid=2b4f58a3ba5a3246b1fd59594d2d4c4f> Processing in-scope entry 2b4f58a3ba5a3246b1fd59594d2d4c4f. Adding target object CN=Builtin,CN=Test,DC=COM. Adding attributes: sourceobjectguid, objectClass, instanceType, showInAdvancedViewOnly, creationTime, forceLogoff, lockoutDuration, lockOutObservationWindow, lockoutThreshold, maxPwdAge, minPwdAge, minPwdLength, modifiedCountAtLastProm, nextRid, pwdProperties, pwdHistoryLength, uASCompat, lastagedchange, Ldap error occured. ldap_add_sW: Naming Violation. Extended Info: 00002099: NameErr: DSID-030510C6, problem 2005 (NAMING_VIOLATION), data 0, best match of: 'CN=Test,DC=COM' . Ldap error occured. ldap_add_sW: Naming Violation. Extended Info: 00002099: NameErr: DSID-030510C6, problem 2005 (NAMING_VIOLATION), data 0, best match of: 'CN=Test,DC=COM' . Saving Configuration File on CN=Test,DC=COM Saved configuration file.

执行命令 

 C:\Windows\ADAM>LDIFDE.EXE -i -u -s localhost:50008 -c "cn=Configuration,dc=X" # configurationNamingContext -j . -f MS-adamschemaw2k8.LDF ................................................................................ ................................................................................ ................................................................................ ................................................................................ ................................................................................ ................................................................................ ................................................................................ ................................................................................ ................................................................................ ................................................................................ ................................................................................ ................................................................................ ................................................................................ ................................................................................ ................................................................................ ......... C:\Windows\ADAM>LDIFDE.EXE -i -c "cn=Configuration,dc=X" #configurationNamingCon text -f MS-AdamSyncMetadata.LDF .......... C:\Windows\ADAM>notepad test.xml C:\Windows\ADAM>adamsync.exe /install localhost:50008 test.xml Done. C:\Windows\ADAM>adamsync.exe /sync localhost:50008 CN=Test,DC=COM **Ldap error occured. ldap_add_sW: Naming Violation. Extended Info: 00002099: NameErr: DSID-030510C6, problem 2005 (NAMING_VIOLATION)** , data 0, best match of: 'CN=Test,DC=COM' .

我已经replace了文章中提到的条目(请参阅下面的XML和AD LDS实例设置conf): 

 <configuration> <description>sample Adamsync configuration file</description> <security-mode>object</security-mode> <source-ad-name>mydomain.com</source-ad-name> <source-ad-partition>DC=mydomain,DC=com</source-ad-partition> <source-ad-account>domainadminaccount</source-ad-account> <account-domain>mydomain.com</account-domain> <target-dn>CN=Test,DC=COM</target-dn> <query> <base-dn>DC=mydomain,DC=com</base-dn> <object-filter>(objectClass=*)</object-filter> Install a unique instance of AD LDS. Instance name: instance5 Computers will connect to this instance of AD LDS using the following ports: LDAP port: 50008 SSL port: 50009 AD LDS replication will use Negotiate authentication. Store AD LDS data files in the following location: C:\Program Files\Microsoft ADAM\instance5\data Store AD LDS log files in the following location: C:\Program Files\Microsoft ADAM\instance5\data Run AD LDS using the following account: NT AUTHORITY\NetworkService Set up the following account to administer AD LDS: mydomain\domainadminuseraccount Create the following application directory partition: CN=Test,DC=COM Import these LDIF files: MS-AdamSyncMetadata.LDF MS-ADLDS-DisplaySpecifiers.LDF MS-InetOrgPerson.LDF MS-User.LDF MS-UserProxy.LDF MS-UserProxyFull.LDF

最好的祝福!