Forum Search:
Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

Home » Microsoft » Windows Server » Active Directory » ADAM Sync Issue: objects get not deleted in local instance
ADAM Sync Issue: objects get not deleted in local instance [message #160749] Mon, 07 September 2009 09:44 Go to next message
sonic  is currently offline sonic  Germany
Messages: 4
Registered: August 2009
Junior Member
hi,

i use AdamSync to synchronize parts of our AD to a local ADAM instance.
Therefore I am using the following LDAP Filter:
(&(objectClass=group)(!(msExchRequireAuthToSendTo:=TRUE) ))
Now, when I run AdamSync for the first time i will get the correct
synchronization (only those objects where the msExchRequireAuthToSendTo
value is set to false or no value).

The problem is, when I make a change in the AD (i.e set the
msExchRequireAuthToSendTo value from false to true) and run adamsync again,
this object will not be removed from my local ADAM instance, even though it
violates my LDAP Filter.
The aging frequency in my config-file is set to 1. msExchRequireAuthToSendTo
is on the include-list in my config-file.
What am I doing wrong?

Tahnks!
sonic
Re: ADAM Sync Issue: objects get not deleted in local instance [message #160781 is a reply to message #160749] Tue, 08 September 2009 06:35 Go to previous message
Lee Flight  is currently offline Lee Flight  United Kingdom
Messages: 392
Registered: July 2009
Senior Member
Hi

I do not think that will work for you. Objects on the ADAM target of an
ADAMsync
setup only get deleted when they fall out of scope where for ADAMsync
"scope"
is defined (roughly) by the location in the source AD as specified in the
base-dn
of the ADAMsync configuration. AD object deletions can be tracked assuming
AD
is WS03 SP1 or later but some moves cannot and it was those that aging was
meant
to handle, unfortunately aging is broken in all released versions of
ADAMsync but
I do not think that it would help you.
If the object filter has matched for an in-scope object then that object
will be sync'ed
to ADAM and will stay there until it falls out of scope (as defined above).
Provisioning/Deprovisioning based on an attribute transition would require a
more
sophisticated tool with ADAMsync I guess you would need to rip and replace
on the sync.

Lee Flight



"sonic" <ewd@ess.rf> wrote in message
news:%235WkhI9LKHA.4964@TK2MSFTNGP06.phx.gbl...
> hi,
>
> i use AdamSync to synchronize parts of our AD to a local ADAM instance.
> Therefore I am using the following LDAP Filter:
> (&(objectClass=group)(!(msExchRequireAuthToSendTo:=TRUE) ))
> Now, when I run AdamSync for the first time i will get the correct
> synchronization (only those objects where the msExchRequireAuthToSendTo
> value is set to false or no value).
>
> The problem is, when I make a change in the AD (i.e set the
> msExchRequireAuthToSendTo value from false to true) and run adamsync
> again, this object will not be removed from my local ADAM instance, even
> though it violates my LDAP Filter.
> The aging frequency in my config-file is set to 1.
> msExchRequireAuthToSendTo is on the include-list in my config-file.
> What am I doing wrong?
>
> Tahnks!
> sonic
>
Previous Topic:Choose active directory domain name
Next Topic:what happens behind the seen new user creation
Goto Forum:
  


Current Time: Tue Jan 16 04:20:10 MST 2018

Total time taken to generate the page: 0.03915 seconds
.:: Contact :: Home ::Sitemap::.

Powered by: FUDforum 3.0.0RC2.
Copyright ©2001-2009 FUDforum Bulletin Board Software