[cisco-voip] rights needed for AD integration for ccm6
Ryan Ratliff
rratliff at cisco.com
Thu Jan 10 09:38:40 EST 2008
Yes it does.
Just guessing though it looks as if you've got referral issues, just
going from some of the errors. Is this Win2k3 AD? If so do an
nslookup for 'planetcrazy.net', 'forestdnszones.planetcrazy.net', and
'domaindnszones.planetcrazy.net' and see if there are any bogus
entries in any of them.
> MESSAGE [LDAP: error code 10 - 0000202B: RefErr: DSID-031005E2, data
> 0, 1 access points
> ref 1: 'planetcrazy.net'
>
-Ryan
On Jan 10, 2008, at 9:38 AM, Jonathan Charles wrote:
Not that easy an option... wait...
Doesn't CCM have a built in sniffer?
Jonathan
On Jan 10, 2008 8:09 AM, Ryan Ratliff <rratliff at cisco.com> wrote:
> Go for a sniffer capture. It's the easiest way to see what's going
> on.
>
> -Ryan
>
>
> On Jan 9, 2008, at 7:31 PM, Jonathan Charles wrote:
>
> The sync is not working tho...
>
> I am getting these errors in the DirSync trace...
>
> 2008-01-09 14:11:42,451 ERROR
> [DSLDAPSyncImpl(4ddb60b4-dadb-42d8-c587-7d08dd0a0a8f)]
> ldapplugable.DSLDAPSyncImpl (DSLDAPSyncImpl.java:832) -
> LDAPSync(4ddb60b4-dadb-42d8-c587-7d08dd0a0a8f)[LDAPFullSync] Caught
> NamingException
> 2008-01-09 14:11:42,452 ERROR
> [DSLDAPSyncImpl(4ddb60b4-dadb-42d8-c587-7d08dd0a0a8f)]
> ldapplugable.DSLDAPSyncImpl (DSLDAPSyncImpl.java:833) -
> LDAPSync(4ddb60b4-dadb-42d8-c587-7d08dd0a0a8f)[LDAPFullSync]
> com.sun.jndi.ldap.LdapReferralException: [LDAP: error code 10 -
> 0000202B: RefErr: DSID-031005E2, data 0, 1 access points
> ref 1: 'planetcrazy.net'
>
>
> MESSAGE [LDAP: error code 10 - 0000202B: RefErr: DSID-031005E2, data
> 0, 1 access points
> ref 1: 'planetcrazy.net'
>
> com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2824)
> com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2737)
> com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1808)
> com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1731)
> com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search
> (ComponentDirContext.java:368)
> com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search
> (PartialCompositeDirContext.java:338)
> com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search
> (PartialCompositeDirContext.java:321)
> javax.naming.directory.InitialDirContext.search
> (InitialDirContext.java:248)
> com.cisco.ccm.dir.dirsync.ldapplugable.DSLDAPSyncImpl.searchInternalEx
> ac
> t(DSLDAPSyncImpl.java:1193)
> com.cisco.ccm.dir.dirsync.ldapplugable.DSLDAPSyncImpl.LDAPFullSync
> (DSLDAPSyncImpl.java:823)
> com.cisco.ccm.dir.dirsync.ldapplugable.DSLDAPSyncImpl.run
> (DSLDAPSyncImpl.java:296)
>
> 2008-01-09 14:11:42,452 ERROR
> [DSLDAPSyncImpl(4ddb60b4-dadb-42d8-c587-7d08dd0a0a8f)]
> ldapplugable.DSLDAPSyncImpl (DSLDAPSyncImpl.java:325) -
> LDAPSync(4ddb60b4-dadb-42d8-c587-7d08dd0a0a8f)[Run]
> com.cisco.ccm.dir.dirsync.common.DSException
> MESSAGE null
> com.cisco.ccm.dir.dirsync.ldapplugable.DSLDAPSyncImpl.LDAPFullSync
> (DSLDAPSyncImpl.java:841)
> com.cisco.ccm.dir.dirsync.ldapplugable.DSLDAPSyncImpl.run
> (DSLDAPSyncImpl.java:296)
>
>
> I have no idea what they mean....
>
> And no users are being brought over...
>
>
> Jonathan
>
> On Jan 9, 2008 3:34 PM, Craig Staffin <cmstaffin at gmail.com> wrote:
>> It just needs to be a member of Domain Users
>>
>> There are no special rights needed
>>
>> Craig
>>
>>
>> On Jan 9, 2008 2:50 PM, Jonathan Charles <jonvoip at gmail.com > wrote:
>>>
>>> So, what rights does the LDAP user need to AD for it to sync...?
>>>
>>>
>>>
>>> Jonathan
>>> _______________________________________________
>>> cisco-voip mailing list
>>> cisco-voip at puck.nether.net
>>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>>
>>
>>
>>
>> --
>> Craig Staffin
>> Craig at staffin.org
>> (H) 262-437-7313
>> (C) 262-613-6003
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
More information about the cisco-voip
mailing list