Directory Association Questions

I'm planning on upgrading my GW2012 server to 2014 this coming weekend and am in the final stages of working in my testing environment. My upgrade is going successful but I'm having a couple of behavioral questions in regards to the Directory Association step that I'm mildly concerned about.

In my first upgrade attempts I discovered that my LDAP User Synchronization job was not configured correctly so that I had the warning post-upgrade indicating that directory association was not successful. I resolved this issue and now when I test my upgrade I do not get this notice. At this point immediately post-upgrade, if I look at my Users list I see the correct icon indicating that the user is associated with a directory account, but I can also go to Directory Associations, perform a search against eDirectory and the search results tell me that none of my users are associated. Should I believe the post-installation user's list or should I run the Directory Association just to be safe?

That leads me to my second question, when I do run the Directory Association, each time I've run it I have the same 10 users experience an error, which when I click on the error's details I get a null javascript. At that point if I update the Association list it indicates that all of my users are now associated. Is this anything to worry about since it appears to associate accounts, or how would I find out what is causing my errors after closing the screen after the initial association? Thank you

  • After an update, the users are only partially associated. GW admin knows what directory the user is associated to, in an update, it's edir. It also knows what the users eDir DN is. However, to be fully associated for 2014, GW needs the LDAP GUID from the eDir object as well. This is accomplished by the first MTA directory sync. The MTA will find the eDir object via the DN, the grab the LDAP GUID and write it to the GW object.



    So, for an update process, after the update, if you want to retain the user associations to eDir, it's a good idea to kick off a Sync process. You can do this by going to the directory object in GW admin console | System | LDAP Servers. Select the directory object that was created by the update, and there is a 'SYNC' button at the bottom. This fires off a msg to the MTA to perform a dir Sync outside of his normal Scheduled Events timeframe



    --Morris



    >>> marklar23<marklar23@no-mx.forums.novell.com> 8/26/2014 7:56 AM >>>




    I'm planning on upgrading my GW2012 server to 2014 this coming weekend
    and am in the final stages of working in my testing environment. My
    upgrade is going successful but I'm having a couple of behavioral
    questions in regards to the Directory Association step that I'm mildly
    concerned about.

    In my first upgrade attempts I discovered that my LDAP User
    Synchronization job was not configured correctly so that I had the
    warning post-upgrade indicating that directory association was not
    successful. I resolved this issue and now when I test my upgrade I do
    not get this notice. At this point immediately post-upgrade, if I look
    at my Users list I see the correct icon indicating that the user is
    associated with a directory account, but I can also go to Directory
    Associations, perform a search against eDirectory and the search results
    tell me that none of my users are associated. Should I believe the
    post-installation user's list or should I run the Directory Association
    just to be safe?

    That leads me to my second question, when I do run the Directory
    Association, each time I've run it I have the same 10 users experience
    an error, which when I click on the error's details I get a null
    javascript. At that point if I update the Association list it indicates
    that all of my users are now associated. Is this anything to worry
    about since it appears to associate accounts, or how would I find out
    what is causing my errors after closing the screen after the initial
    association? Thank you


    --
    marklar23
    ------------------------------------------------------------------------
    marklar23's Profile: https://forums.novell.com/member.php?userid=5123
    View this thread: https://forums.novell.com/showthread.php?t=478960
  • mblackham;2330734 wrote:
    So, for an update process, after the update, if you want to retain the user associations to eDir, it's a good idea to kick off a Sync process. You can do this by going to the directory object in GW admin console | System | LDAP Servers. Select the directory object that was created by the update, and there is a 'SYNC' button at the bottom. This fires off a msg to the MTA to perform a dir Sync outside of his normal Scheduled Events timeframe


    I did this process after my last upgrade test and I get prompted with the option to write the internet addresses to the system address book (or something like that), and I receive a message that there was an error on 14 accounts. Is there a way to find detail on which accounts had the error? I was searching the interface and wasn't having any luck finding details, as well as the MTA log file. But I might not have recognized what I was supposed to be looking for.