Education & Training
Services & Support
to create and rate content, and to follow, bookmark, and share content with other members.
RE: LDAP - Synchronize New and Changed Users vs Obsolete job
Discussion created by
on Jul 21, 2010
on Jul 29, 2010 by enesh
Show 1 Like
It could be that your filter is wrong and "LDAP - Synchronize New and Changed Users" get zero results.
This content has been marked as final.
Show 2 comments
(Required, will not be published)
Aug 18, 2010 5:47 PM
You WERE RIGHT!
I found the issue.
I changed the Date/Time Format in the NSA to yyyyMMddHHmmss.0Z
Here is my search filter (&(&(&(&(& (&(objectCategory=person)(objectClass=user) (!(userAccountControl:xxxxx.803:=2)) (|(employeetype=C)(employeetype=E)(employeetype=X))(mail=*)(cn=*)(sn=*)))))))
And the JOB concatenated the modifyTimeStamp and we had the wrong format in the NSA (without the .0Z on the end)
Search filter used to get users (using pagination):(&(objectClass=person)(&((&(&(&(&(& (&(objectCategory=person)(objectClass=user) (!(userAccountControl:***.xx:=2)) (|(employeetype=C)(employeetype=E)(employeetype=X))(mail=*)(cn=*)(sn=*))))))))(modifyTimeStamp<=20100722142525.0+0000)))
DEBUG 2010-07-22 10:25:28,340 [Dispatch Thread-15 : ***] directory.LDAPDirectoryService (none:none:none) Total users: 9175
Hope this helps someone not make THAT same mistake!!!!
Show 0 Likes
Jul 29, 2010 7:17 AM
Thank you, I'm glad you've made it.
I learned from expirience that even when job connects to server but gets zero results back from LDAP query it will not write anything to log.
Show 0 Likes
Retrieving data ...
SetScript in Perl ?
Ability to customize claim values inside ID_Token
Failed to remove Virtual Service
Credentials and EEM
May Release 277 install