Highlighted
Knowledge Partner
Knowledge Partner

Re: MS LDS Modify user Error

ekathep00 <ekathep00@no-mx.forums.microfocus.com> wrote:
>

Now it do moved users account But got this error
>



> Attempt to move an object to an unassociated

container</status>
>


Can you post the engine side level 3 trace for the actual move event?
Did the object actually move?

In general though the unassociated parent error is a somewhat common issue
with moves and mirrored placement.

> And i still had problem with update and delete users


As you have several distinct issues maybe you should create a separate
thread for each problem with a level 3 engine trace (and if possible remote
loader trace) from start transaction until end transaction.

--
ekathep00
------------------------------------------------------------------------
ekathep00's Profile: https://forums.netiq.com/member.php?userid=10878
View this thread: https://forums.netiq.com/showthread.php?t=54938

>




--
If you find this post helpful and are logged into the web interface, show
your appreciation and click on the star below...
Alex McHugh - Knowledge Partner - Stavanger, Norway
Who are the Knowledge Partners
If you appreciate my comments, please click the Like button.
If I have resolved your issue, please click the Accept as Solution button.
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: MS LDS Modify user Error


What happend is i moved User in Edir Vault
then LDS Driver Subscriber Moved a user to Destination OU object
<<Success
But still Got Error even it success moved user to Destination OU
object.

Engine Trace Log
------------------------
393
------------------------
Rloader Trace log
------------------------
392
------------------------


+----------------------------------------------------------------------+
|Filename: Driver LDS.txt |
|Download: https://forums.netiq.com/attachment.php?attachmentid=393 |
+----------------------------------------------------------------------+

--
ekathep00
------------------------------------------------------------------------
ekathep00's Profile: https://forums.netiq.com/member.php?userid=10878
View this thread: https://forums.netiq.com/showthread.php?t=54938

0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: MS LDS Modify user Error


Hi ekathep00,
Just quick view on your trace shows me reason of your
LDAP_UNWILLING_TO_PERFORM error: you can't push to AD single value
attribute email "double" value!
Defenetely this operation will fail.

> <modify-attr attr-name="email">
> <remove-all-values/>
> <add-value>
> <value timestamp="1450431250#51"
> type="string">fon@mail.com</value>
> <value timestamp="1450431250#52"
> type="string">1234@mail.com</value>
> </add-value>


Alex


--
If you find this post helpful, please show your appreciation by clicking
on the star below :cool:
------------------------------------------------------------------------
al_b's Profile: https://forums.netiq.com/member.php?userid=209
View this thread: https://forums.netiq.com/showthread.php?t=54938

0 Likes
Highlighted
Absent Member.
Absent Member.

Re: MS LDS Modify user Error


email is my custom attribute and it's Malti value.
AD default attribute is mail. mail is single value attribute.


--
ekathep00
------------------------------------------------------------------------
ekathep00's Profile: https://forums.netiq.com/member.php?userid=10878
View this thread: https://forums.netiq.com/showthread.php?t=54938

0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: MS LDS Modify user Error

ekathep00 wrote:

>
> email is my custom attribute and it's Malti value.
> AD default attribute is mail. mail is single value attribute.


Start driver, refresh application schema.
Use this policy. link it as the last policy in your OTP

https://forums.netiq.com/showthread.php?48674-Bugfixing-Generic-Single-valued-Schema-Enforcement

This will fix such problems.
Alex McHugh - Knowledge Partner - Stavanger, Norway
Who are the Knowledge Partners
If you appreciate my comments, please click the Like button.
If I have resolved your issue, please click the Accept as Solution button.
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: MS LDS Modify user Error


I do refresh application schema.
and import This policy to otp
[image: http://postimg.org/image/7p7yee8q1/]


But still got error.

Remoteloader Trace file
---------------------------
http://tinyurl.com/ps2mdkn
---------------------------
Driver Trace file
---------------------------
http://tinyurl.com/gqnc978
---------------------------


--
ekathep00
------------------------------------------------------------------------
ekathep00's Profile: https://forums.netiq.com/member.php?userid=10878
View this thread: https://forums.netiq.com/showthread.php?t=54938

0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: MS LDS Modify user Error

ekathep00 wrote:

>
>


Is this policy linked and deployed correctly in otp? Neither your screenshot or your trace seems to indicate this is linked in.

Alex McHugh - Knowledge Partner - Stavanger, Norway
Who are the Knowledge Partners
If you appreciate my comments, please click the Like button.
If I have resolved your issue, please click the Accept as Solution button.
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: MS LDS Modify user Error


It's Linked and deployed correcly.

------------------------------------------
[12/22/15 13:53:07.019]:LDS1 ST:Filtering out notification-only
attributes.
[12/22/15 13:53:07.020]:LDS1 ST:Fixing up association references.
[12/22/15 13:53:07.020]:LDS1 ST:Applying schema mapping policies to
output.
[12/22/15 13:53:07.020]:LDS1 ST:Applying policy: %+C%14Csmp%-C.
[12/22/15 13:53:07.020]:LDS1 ST: Mapping attr-name 'Internet EMail
Address' to 'email'.
[12/22/15 13:53:07.020]:LDS1 ST: Mapping class-name 'User' to
'kuinfo'.
[12/22/15 13:53:07.021]:LDS1 ST:Applying output transformation
policies.
[12/22/15 13:53:07.021]:LDS1 ST:Applying policy: %+C%14Cotp%-C.
[12/22/15 13:53:07.021]:LDS1 ST: Applying to modify #1.
[12/22/15 13:53:07.021]:LDS1 ST: Evaluating selection criteria for
rule 'Handle Multi-to-single valued conversions'.
[12/22/15 13:53:07.022]:LDS1 ST: (if-operation equal "add") =
FALSE.
[12/22/15 13:53:07.022]:LDS1 ST: (if-operation equal "modify") =
TRUE.
[12/22/15 13:53:07.022]:LDS1 ST: Rule selected.
[12/22/15 13:53:07.022]:LDS1 ST: Applying rule 'Handle
Multi-to-single valued conversions'.
[12/22/15 13:53:07.022]:LDS1 ST: Action: do-if().
[12/22/15 13:53:07.023]:LDS1 ST: Evaluating conditions.
[12/22/15 13:53:07.023]:LDS1 ST: (if-local-variable
'APP-SCHEMA' not-available) = TRUE.
[12/22/15 13:53:07.023]:LDS1 ST: Performing if actions.
[12/22/15 13:53:07.023]:LDS1 ST: Action:
do-set-local-variable("APP-SCHEMA",notrace="true",scope="driver",arg-node-set(token-document("vnd.nds.stream:"+"/"+token-parse-dn(dest-dn-delims="00,/+=*\",dest-dn-format="custom",src-dn-format="slash",token-global-variable("dirxml.auto.driverdn"))+"#"+"DirXML-ApplicationSchema"))).
[12/22/15 13:53:07.032]:LDS1 ST: -- trace suppressed --
[12/22/15 13:53:07.033]:LDS1 ST: Action:
do-for-each(arg-node-set(token-xpath(".//@attr-name[not(../remove-all-values
and not(../add-value)) and not(..//@type='structured')]"))).
[12/22/15 13:53:07.033]:LDS1 ST:
arg-node-set(token-xpath(".//@attr-name[not(../remove-all-values and
not(../add-value)) and not(..//@type='structured')]"))
[12/22/15 13:53:07.033]:LDS1 ST:
token-xpath(".//@attr-name[not(../remove-all-values and
not(../add-value)) and not(..//@type='structured')]")
[12/22/15 13:53:07.034]:LDS1 ST: Token Value: {@attr-name =
"email"}.
[12/22/15 13:53:07.034]:LDS1 ST: Arg Value: {@attr-name =
"email"}.
[12/22/15 13:53:07.034]:LDS1 ST: Performing actions for
local-variable(current-node) = @attr-name = "email".
[12/22/15 13:53:07.035]:LDS1 ST: Action:
do-set-local-variable("ATTR-DEF",notrace="true",scope="policy",arg-node-set(token-xpath("$APP-SCHEMA/schema-def/class-def/attr-def[@attr-name=$current-node]"))).
[12/22/15 13:53:07.036]:LDS1 ST: -- trace suppressed --
[12/22/15 13:53:07.037]:LDS1 ST: Action:
do-set-local-variable("MULTI-VALUED",scope="policy",token-xpath("$ATTR-DEF[1]/@multi-valued")).
[12/22/15 13:53:07.037]:LDS1 ST:
arg-string(token-xpath("$ATTR-DEF[1]/@multi-valued"))
[12/22/15 13:53:07.037]:LDS1 ST:
token-xpath("$ATTR-DEF[1]/@multi-valued")
[12/22/15 13:53:07.037]:LDS1 ST: Token Value: "true".
[12/22/15 13:53:07.038]:LDS1 ST: Arg Value: "true".
[12/22/15 13:53:07.038]:LDS1 ST: Action: do-if().
[12/22/15 13:53:07.038]:LDS1 ST: Evaluating conditions.
[12/22/15 13:53:07.038]:LDS1 ST: (if-local-variable
'MULTI-VALUED' equal "false") = FALSE.
[12/22/15 13:53:07.038]:LDS1 ST: Performing else actions.
[12/22/15 13:53:07.039]:LDS1 ST:Policy returned:


--
ekathep00
------------------------------------------------------------------------
ekathep00's Profile: https://forums.netiq.com/member.php?userid=10878
View this thread: https://forums.netiq.com/showthread.php?t=54938

0 Likes
Highlighted
Absent Member.
Absent Member.

Re: MS LDS Modify user Error


it's not just email attribute.
i tried to update other attribute for example givenName, displayname,
telePhoneNumber.
it got the same error.


--
ekathep00
------------------------------------------------------------------------
ekathep00's Profile: https://forums.netiq.com/member.php?userid=10878
View this thread: https://forums.netiq.com/showthread.php?t=54938

0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: MS LDS Modify user Error

ekathep00 wrote:

>
> it's not just email attribute.
> i tried to update other attribute for example givenName, displayname,
> telePhoneNumber.
> it got the same error.


Maybe the ADLDS schema is incorrect then.

The trace looks like it is processing correctly. However the app schema seems to say that email is multi-valued in AD LDS.
Alex McHugh - Knowledge Partner - Stavanger, Norway
Who are the Knowledge Partners
If you appreciate my comments, please click the Like button.
If I have resolved your issue, please click the Accept as Solution button.
0 Likes
Absent Member.
Absent Member.

Re: MS LDS Modify user Error


Yes it's Multi-Valued in AD LDS.

I can create user using this attribute via ldap browser.
i am 100% sure it's not schema problem.

because ldap default schema like givenName discription telephoneNumber
is not working too.


--
ekathep00
------------------------------------------------------------------------
ekathep00's Profile: https://forums.netiq.com/member.php?userid=10878
View this thread: https://forums.netiq.com/showthread.php?t=54938

0 Likes
Highlighted
Absent Member.
Absent Member.

Re: MS LDS Modify user Error


Problem solved
follow this topic
https://www.novell.com/support/kb/doc.php?id=7008961

FYI
regards
ekathep


--
ekathep00
------------------------------------------------------------------------
ekathep00's Profile: https://forums.netiq.com/member.php?userid=10878
View this thread: https://forums.netiq.com/showthread.php?t=54938

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.