Education & Training
Services & Support
to create and rate content, and to follow, bookmark, and share content with other members.
RE: LDAP - Synchronize New and Changed Users vs Obsolete job
Discussion created by
on Jul 21, 2010
on Jul 29, 2010 by enesh
Show 1 Like
It could be that your filter is wrong and "LDAP - Synchronize New and Changed Users" get zero results.
This content has been marked as final.
Show 2 comments
(Required, will not be published)
Aug 18, 2010 5:47 PM
You WERE RIGHT!
I found the issue.
I changed the Date/Time Format in the NSA to yyyyMMddHHmmss.0Z
Here is my search filter (&(&(&(&(& (&(objectCategory=person)(objectClass=user) (!(userAccountControl:xxxxx.803:=2)) (|(employeetype=C)(employeetype=E)(employeetype=X))(mail=*)(cn=*)(sn=*)))))))
And the JOB concatenated the modifyTimeStamp and we had the wrong format in the NSA (without the .0Z on the end)
Search filter used to get users (using pagination):(&(objectClass=person)(&((&(&(&(&(& (&(objectCategory=person)(objectClass=user) (!(userAccountControl:***.xx:=2)) (|(employeetype=C)(employeetype=E)(employeetype=X))(mail=*)(cn=*)(sn=*))))))))(modifyTimeStamp<=20100722142525.0+0000)))
DEBUG 2010-07-22 10:25:28,340 [Dispatch Thread-15 : ***] directory.LDAPDirectoryService (none:none:none) Total users: 9175
Hope this helps someone not make THAT same mistake!!!!
Show 0 Likes
Jul 29, 2010 7:17 AM
Thank you, I'm glad you've made it.
I learned from expirience that even when job connects to server but gets zero results back from LDAP query it will not write anything to log.
Show 0 Likes
Retrieving data ...
How do I create vse_matches backup files?
Restrict Dynamic Client Registration to known clients
Will CA DevTest Support AMAZON SQS?
Can we send response based on previous request call
Policy too complex to analyze. Why?