Highlighted
Absent Member.
Absent Member.
882 views

Directory Association Questions

I'm planning on upgrading my GW2012 server to 2014 this coming weekend and am in the final stages of working in my testing environment. My upgrade is going successful but I'm having a couple of behavioral questions in regards to the Directory Association step that I'm mildly concerned about.

In my first upgrade attempts I discovered that my LDAP User Synchronization job was not configured correctly so that I had the warning post-upgrade indicating that directory association was not successful. I resolved this issue and now when I test my upgrade I do not get this notice. At this point immediately post-upgrade, if I look at my Users list I see the correct icon indicating that the user is associated with a directory account, but I can also go to Directory Associations, perform a search against eDirectory and the search results tell me that none of my users are associated. Should I believe the post-installation user's list or should I run the Directory Association just to be safe?

That leads me to my second question, when I do run the Directory Association, each time I've run it I have the same 10 users experience an error, which when I click on the error's details I get a null javascript. At that point if I update the Association list it indicates that all of my users are now associated. Is this anything to worry about since it appears to associate accounts, or how would I find out what is causing my errors after closing the screen after the initial association? Thank you
Labels (1)
0 Likes
2 Replies
Highlighted
Absent Member.
Absent Member.

Re: Directory Association Questions


After an update, the users are only partially associated. GW admin knows what directory the user is associated to, in an update, it's edir. It also knows what the users eDir DN is. However, to be fully associated for 2014, GW needs the LDAP GUID from the eDir object as well. This is accomplished by the first MTA directory sync. The MTA will find the eDir object via the DN, the grab the LDAP GUID and write it to the GW object.



So, for an update process, after the update, if you want to retain the user associations to eDir, it's a good idea to kick off a Sync process. You can do this by going to the directory object in GW admin console | System | LDAP Servers. Select the directory object that was created by the update, and there is a 'SYNC' button at the bottom. This fires off a msg to the MTA to perform a dir Sync outside of his normal Scheduled Events timeframe



--Morris



>>> marklar23<marklar23@no-mx.forums.novell.com> 8/26/2014 7:56 AM >>>




I'm planning on upgrading my GW2012 server to 2014 this coming weekend
and am in the final stages of working in my testing environment. My
upgrade is going successful but I'm having a couple of behavioral
questions in regards to the Directory Association step that I'm mildly
concerned about.

In my first upgrade attempts I discovered that my LDAP User
Synchronization job was not configured correctly so that I had the
warning post-upgrade indicating that directory association was not
successful. I resolved this issue and now when I test my upgrade I do
not get this notice. At this point immediately post-upgrade, if I look
at my Users list I see the correct icon indicating that the user is
associated with a directory account, but I can also go to Directory
Associations, perform a search against eDirectory and the search results
tell me that none of my users are associated. Should I believe the
post-installation user's list or should I run the Directory Association
just to be safe?

That leads me to my second question, when I do run the Directory
Association, each time I've run it I have the same 10 users experience
an error, which when I click on the error's details I get a null
javascript. At that point if I update the Association list it indicates
that all of my users are now associated. Is this anything to worry
about since it appears to associate accounts, or how would I find out
what is causing my errors after closing the screen after the initial
association? Thank you


--
marklar23
------------------------------------------------------------------------
marklar23's Profile: https://forums.novell.com/member.php?userid=5123
View this thread: https://forums.novell.com/showthread.php?t=478960
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Directory Association Questions

mblackham;2330734 wrote:
So, for an update process, after the update, if you want to retain the user associations to eDir, it's a good idea to kick off a Sync process. You can do this by going to the directory object in GW admin console | System | LDAP Servers. Select the directory object that was created by the update, and there is a 'SYNC' button at the bottom. This fires off a msg to the MTA to perform a dir Sync outside of his normal Scheduled Events timeframe


I did this process after my last upgrade test and I get prompted with the option to write the internet addresses to the system address book (or something like that), and I receive a message that there was an error on 14 accounts. Is there a way to find detail on which accounts had the error? I was searching the interface and wasn't having any luck finding details, as well as the MTA log file. But I might not have recognized what I was supposed to be looking for.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.