[cisco-voip] rights needed for AD integration for ccm6

Justin Steinberg jsteinberg at gmail.com
Thu Jan 10 23:35:13 EST 2008 

jonathan,

I am not familiar with the dirsync trace files, but they mention
'sun'.  is it possible that you accidentally chose one of the sun
directory integrations instead of AD?



On Jan 10, 2008 10:30 PM, Jonathan Charles <jonvoip at gmail.com> wrote:
> OK, I get good resolution on domaindnszones.planetcrazy.net and
> planetcrazy.net but nothing back on forestdnszones.planetcrazy.net
>
>
> Jonathan
>
>
> On Jan 10, 2008 8:38 AM, Ryan Ratliff <rratliff at cisco.com> wrote:
> > Yes it does.
> >
> > Just guessing though it looks as if you've got referral issues, just
> > going from some of the errors.   Is this Win2k3 AD?  If so do an
> > nslookup for 'planetcrazy.net', 'forestdnszones.planetcrazy.net', and
> > 'domaindnszones.planetcrazy.net' and see if there are any bogus
> > entries in any of them.
> >
> > > MESSAGE [LDAP: error code 10 - 0000202B: RefErr: DSID-031005E2, data
> > > 0, 1 access points
> > >         ref 1: 'planetcrazy.net'
> > >
> >
> >
> > -Ryan
> >
> >
> > On Jan 10, 2008, at 9:38 AM, Jonathan Charles wrote:
> >
> > Not that easy an option... wait...
> >
> > Doesn't CCM have a built in sniffer?
> >
> >
> >
> > Jonathan
> >
> > On Jan 10, 2008 8:09 AM, Ryan Ratliff <rratliff at cisco.com> wrote:
> > > Go for a sniffer capture.  It's the easiest way to see what's going
> > > on.
> > >
> > > -Ryan
> > >
> > >
> > > On Jan 9, 2008, at 7:31 PM, Jonathan Charles wrote:
> > >
> > > The sync is not working tho...
> > >
> > > I am getting these errors in the DirSync trace...
> > >
> > > 2008-01-09 14:11:42,451 ERROR
> > > [DSLDAPSyncImpl(4ddb60b4-dadb-42d8-c587-7d08dd0a0a8f)]
> > > ldapplugable.DSLDAPSyncImpl (DSLDAPSyncImpl.java:832) -
> > > LDAPSync(4ddb60b4-dadb-42d8-c587-7d08dd0a0a8f)[LDAPFullSync] Caught
> > > NamingException
> > > 2008-01-09 14:11:42,452 ERROR
> > > [DSLDAPSyncImpl(4ddb60b4-dadb-42d8-c587-7d08dd0a0a8f)]
> > > ldapplugable.DSLDAPSyncImpl (DSLDAPSyncImpl.java:833) -
> > > LDAPSync(4ddb60b4-dadb-42d8-c587-7d08dd0a0a8f)[LDAPFullSync]
> > > com.sun.jndi.ldap.LdapReferralException: [LDAP: error code 10 -
> > > 0000202B: RefErr: DSID-031005E2, data 0, 1 access points
> > >         ref 1: 'planetcrazy.net'
> > >
> > >
> > > MESSAGE [LDAP: error code 10 - 0000202B: RefErr: DSID-031005E2, data
> > > 0, 1 access points
> > >         ref 1: 'planetcrazy.net'
> > >
> > > com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2824)
> > > com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2737)
> > > com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1808)
> > > com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1731)
> > > com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search
> > > (ComponentDirContext.java:368)
> > > com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search
> > > (PartialCompositeDirContext.java:338)
> > > com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search
> > > (PartialCompositeDirContext.java:321)
> > > javax.naming.directory.InitialDirContext.search
> > > (InitialDirContext.java:248)
> > > com.cisco.ccm.dir.dirsync.ldapplugable.DSLDAPSyncImpl.searchInternalEx
> > > ac
> > > t(DSLDAPSyncImpl.java:1193)
> > > com.cisco.ccm.dir.dirsync.ldapplugable.DSLDAPSyncImpl.LDAPFullSync
> > > (DSLDAPSyncImpl.java:823)
> > > com.cisco.ccm.dir.dirsync.ldapplugable.DSLDAPSyncImpl.run
> > > (DSLDAPSyncImpl.java:296)
> > >
> > > 2008-01-09 14:11:42,452 ERROR
> > > [DSLDAPSyncImpl(4ddb60b4-dadb-42d8-c587-7d08dd0a0a8f)]
> > > ldapplugable.DSLDAPSyncImpl (DSLDAPSyncImpl.java:325) -
> > > LDAPSync(4ddb60b4-dadb-42d8-c587-7d08dd0a0a8f)[Run]
> > > com.cisco.ccm.dir.dirsync.common.DSException
> > > MESSAGE null
> > > com.cisco.ccm.dir.dirsync.ldapplugable.DSLDAPSyncImpl.LDAPFullSync
> > > (DSLDAPSyncImpl.java:841)
> > > com.cisco.ccm.dir.dirsync.ldapplugable.DSLDAPSyncImpl.run
> > > (DSLDAPSyncImpl.java:296)
> > >
> > >
> > > I have no idea what they mean....
> > >
> > > And no users are being brought over...
> > >
> > >
> > > Jonathan
> > >
> > > On Jan 9, 2008 3:34 PM, Craig Staffin <cmstaffin at gmail.com> wrote:
> > >> It just needs to be a member of Domain Users
> > >>
> > >> There are no special rights needed
> > >>
> > >> Craig
> > >>
> > >>
> > >> On Jan 9, 2008 2:50 PM, Jonathan Charles <jonvoip at gmail.com > wrote:
> > >>>
> > >>> So, what rights does the LDAP user need to AD for it to sync...?
> > >>>
> > >>>
> > >>>
> > >>> Jonathan
> > >>> _______________________________________________
> > >>> cisco-voip mailing list
> > >>> cisco-voip at puck.nether.net
> > >>> https://puck.nether.net/mailman/listinfo/cisco-voip
> > >>>
> > >>
> > >>
> > >>
> > >> --
> > >> Craig Staffin
> > >> Craig at staffin.org
> > >> (H) 262-437-7313
> > >> (C) 262-613-6003
> > > _______________________________________________
> > > cisco-voip mailing list
> > > cisco-voip at puck.nether.net
> > > https://puck.nether.net/mailman/listinfo/cisco-voip
> > >
> > >
> >
> >
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>

More information about the cisco-voip mailing list