[cisco-voip] rights needed for AD integration for ccm6

Scott Voll svoll.voip at gmail.com
Thu Jan 10 15:00:37 EST 2008 

planetcrazy.net was in the trace file.  AD uses the forestdnszones and
domaindnszones as part of the AD / dns sync.

Scott

On Jan 10, 2008 11:06 AM, Joel Perez <tman701 at gmail.com> wrote:

> Pardon my ignorance guys, but what does his issue have to do with  '
> planetcrazy.net', ' forestdnszones.planetcrazy.net', and '
> domaindnszones.planetcrazy.net ?
>
> Im just curious.
>
> Thanks,
> Joel P
>
>
>   On 1/10/08, Scott Voll <svoll.voip at gmail.com> wrote:
> >
> > and make sure all are routable. and close.  we had issues with a DC
> > going offsite over slower link.
> >
> > Scott
> >
> >
> >  On Jan 10, 2008 6:47 AM, Jonathan Charles <jonvoip at gmail.com> wrote:
> >
> > > OK, I will try that tonight...
> > >
> > > Thanks...
> > >
> > >
> > > Jonathan
> > >
> > > On Jan 10, 2008 8:38 AM, Ryan Ratliff <rratliff at cisco.com> wrote:
> > > > Yes it does.
> > > >
> > > > Just guessing though it looks as if you've got referral issues, just
> > >
> > > > going from some of the errors.   Is this Win2k3 AD?  If so do an
> > > > nslookup for ' planetcrazy.net', ' forestdnszones.planetcrazy.net',
> > > and
> > > > ' domaindnszones.planetcrazy.net' and see if there are any bogus
> > > > entries in any of them.
> > > >
> > > > > MESSAGE [LDAP: error code 10 - 0000202B: RefErr: DSID-031005E2,
> > > data
> > > > > 0, 1 access points
> > > > >         ref 1: 'planetcrazy.net '
> > > > >
> > > >
> > > >
> > > > -Ryan
> > > >
> > > >
> > > > On Jan 10, 2008, at 9:38 AM, Jonathan Charles wrote:
> > > >
> > > > Not that easy an option... wait...
> > > >
> > > > Doesn't CCM have a built in sniffer?
> > > >
> > > >
> > > >
> > > > Jonathan
> > > >
> > > > On Jan 10, 2008 8:09 AM, Ryan Ratliff <rratliff at cisco.com> wrote:
> > > > > Go for a sniffer capture.  It's the easiest way to see what's
> > > going
> > > > > on.
> > > > >
> > > > > -Ryan
> > > > >
> > > > >
> > > > > On Jan 9, 2008, at 7:31 PM, Jonathan Charles wrote:
> > > > >
> > > > > The sync is not working tho...
> > > > >
> > > > > I am getting these errors in the DirSync trace...
> > > > >
> > > > > 2008-01-09 14:11:42,451 ERROR
> > > > > [DSLDAPSyncImpl(4ddb60b4-dadb-42d8-c587-7d08dd0a0a8f)]
> > > > > ldapplugable.DSLDAPSyncImpl (DSLDAPSyncImpl.java:832) -
> > > > > LDAPSync(4ddb60b4-dadb-42d8-c587-7d08dd0a0a8f)[LDAPFullSync]
> > > Caught
> > > > > NamingException
> > > > > 2008-01-09 14:11:42,452 ERROR
> > > > > [DSLDAPSyncImpl(4ddb60b4-dadb-42d8-c587-7d08dd0a0a8f)]
> > > > > ldapplugable.DSLDAPSyncImpl (DSLDAPSyncImpl.java:833) -
> > > > > LDAPSync(4ddb60b4-dadb-42d8-c587-7d08dd0a0a8f)[LDAPFullSync]
> > > > > com.sun.jndi.ldap.LdapReferralException: [LDAP: error code 10 -
> > > > > 0000202B: RefErr: DSID-031005E2, data 0, 1 access points
> > > > >         ref 1: ' planetcrazy.net'
> > > > >
> > > > >
> > > > > MESSAGE [LDAP: error code 10 - 0000202B: RefErr: DSID-031005E2,
> > > data
> > > > > 0, 1 access points
> > > > >         ref 1: ' planetcrazy.net'
> > > > >
> > > > > com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2824)
> > > > > com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2737)
> > > > > com.sun.jndi.ldap.LdapCtx.searchAux (LdapCtx.java:1808)
> > > > > com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1731)
> > > > > com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search
> > > > > (ComponentDirContext.java:368)
> > > > > com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search
> > > > > (PartialCompositeDirContext.java:338)
> > > > > com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search
> > > > > (PartialCompositeDirContext.java:321)
> > > > > javax.naming.directory.InitialDirContext.search
> > > > > (InitialDirContext.java:248)
> > > > >
> > > com.cisco.ccm.dir.dirsync.ldapplugable.DSLDAPSyncImpl.searchInternalEx
> > > > > ac
> > > > > t(DSLDAPSyncImpl.java:1193)
> > > > > com.cisco.ccm.dir.dirsync.ldapplugable.DSLDAPSyncImpl.LDAPFullSync
> > > > > (DSLDAPSyncImpl.java:823)
> > > > > com.cisco.ccm.dir.dirsync.ldapplugable.DSLDAPSyncImpl.run
> > > > > (DSLDAPSyncImpl.java:296)
> > > > >
> > > > > 2008-01-09 14:11:42,452 ERROR
> > > > > [DSLDAPSyncImpl(4ddb60b4-dadb-42d8-c587-7d08dd0a0a8f)]
> > > > > ldapplugable.DSLDAPSyncImpl (DSLDAPSyncImpl.java:325) -
> > > > > LDAPSync(4ddb60b4-dadb-42d8-c587-7d08dd0a0a8f)[Run]
> > > > > com.cisco.ccm.dir.dirsync.common.DSException
> > > > > MESSAGE null
> > > > > com.cisco.ccm.dir.dirsync.ldapplugable.DSLDAPSyncImpl.LDAPFullSync
> > > > > (DSLDAPSyncImpl.java:841)
> > > > > com.cisco.ccm.dir.dirsync.ldapplugable.DSLDAPSyncImpl.run
> > > > > (DSLDAPSyncImpl.java:296)
> > > > >
> > > > >
> > > > > I have no idea what they mean....
> > > > >
> > > > > And no users are being brought over...
> > > > >
> > > > >
> > > > > Jonathan
> > > > >
> > > > > On Jan 9, 2008 3:34 PM, Craig Staffin < cmstaffin at gmail.com>
> > > wrote:
> > > > >> It just needs to be a member of Domain Users
> > > > >>
> > > > >> There are no special rights needed
> > > > >>
> > > > >> Craig
> > > > >>
> > > > >>
> > > > >> On Jan 9, 2008 2:50 PM, Jonathan Charles < jonvoip at gmail.com >
> > > wrote:
> > > > >>>
> > > > >>> So, what rights does the LDAP user need to AD for it to sync...?
> > >
> > > > >>>
> > > > >>>
> > > > >>>
> > > > >>> Jonathan
> > > > >>> _______________________________________________
> > > > >>> cisco-voip mailing list
> > > > >>> cisco-voip at puck.nether.net
> > > > >>> https://puck.nether.net/mailman/listinfo/cisco-voip
> > > > >>>
> > > > >>
> > > > >>
> > > > >>
> > > > >> --
> > > > >> Craig Staffin
> > > > >> Craig at staffin.org
> > > > >> (H) 262-437-7313
> > > > >> (C) 262-613-6003
> > > > > _______________________________________________
> > > > > cisco-voip mailing list
> > > > > cisco-voip at puck.nether.net
> > > > > https://puck.nether.net/mailman/listinfo/cisco-voip
> > > > >
> > > > >
> > > >
> > > >
> > > _______________________________________________
> > > cisco-voip mailing list
> > > cisco-voip at puck.nether.net
> > > https://puck.nether.net/mailman/listinfo/cisco-voip
> > >
> > >
> >
> >
> > _______________________________________________
> > cisco-voip mailing list
> > cisco-voip at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-voip
> >
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://puck.nether.net/pipermail/cisco-voip/attachments/20080110/410fdc9d/attachment.html

More information about the cisco-voip mailing list