My Oracle Support Banner

ISW Requires Proper Configuration of the Schema Being Used Within ODSEE and Active Directory Entries. (Doc ID 1427728.1)

Last updated on MAY 17, 2018

Applies to:

Oracle Directory Server Enterprise Edition - Version: 6.3 SP1 to - Release: 6.0 to 11gR1
Information in this document applies to any platform.


If ISW is unable to link or synchronize SUN Directory accounts with Active Directory, you will notice when attempting to link users with the "idsync resync" command that no modifications are actually written to the DS user entry, even tho the command line indicates it is updating entries and completes with a "Success".

When actually looking at the user entry in the DS, if things were successful with the initial idsync resync, the directory server user entry would be updated with the values in bold, below.  If it has failed these entries will be missing/not set within your user entries.

dn: uid=exampleuser,ou=people,dc=example,dc=com
objectclass: dspswuser
dspswuserlink: (a binary value that does not display properly that is the ObjectGUID value from the corresponding "linked" AD entry)
dspswvalidate: true

You will also note err=65 messages (objectclass violation) in both the user DS access logs as well as the "connector" logs (CNN1##) at the time linking is taking place when things are NOT configured correctly.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.