Hi,
i have a problem with synching my AD Users.
Everything seems to be fine, login ist ok, DS can reach AD, in a tcpdump i see a search request from the DS, but afterwards there is an answer from the AD server that says
"Can't parse message ID: Wrong type for that item"
the full initialization is reported as "sucessful" but no AD users show up in the DS
anybdoy has an idea what i did wrong ?
Regards soeren
Soeren Malchow Head of Central Technical Services
Interone Worldwide GmbH Schulterblatt 58 20357 Hamburg T +49.40.43 29 69 - 547 F +49.40.43 29 69 - 90
mailto:soeren.malchow@interone.de http://www.interone.de
NOTE: Information contained in this message is confidential and may be legally privileged. If you are not the adressee indicated in this message (or responsible for the delivery of the message to such person), you may not copy, disclose or deliver this message or any part of it to anyone, in any form. In such case, you should delete this message and kindly notify the sender by reply Email. Opinions, conclusions and other information in this message that does not relate to the official business of BBDO Germany shall be understood as neither given nor endorsed by it.
Sören Malchow wrote:
i have a problem with synching my AD Users.
Everything seems to be fine, login ist ok, DS can reach AD, in a tcpdump i see a search request from the DS, but afterwards there is an answer from the AD server that says
"Can't parse message ID: Wrong type for that item"
Hi, can you post a bit more information about this ? Where exactly do you see that message ?
Hi,
i can see this message when duming network traffic between DS and AD, and when i look at the dump with ethereal this message shows up thousands of time.
Ok one after another
1. DS uses the AD user i used for sync to successfully bind to AD
2. The DS issues a search request for the correct Base DN
3. AD answers
- 1. answer seems to be search result - 2. - nth answer seems to be individual CNs, but in this case i can see either
"Can't parse message ID: Wrong type for that item" prepended by "Invalid LDAP packet" or "Can't parse sequence header: Wrong type for that item" prepended by "Invalid LDAP message"
in ethereal.
It seems as if it is not on the TCP Layer cause SYN packet look good and ACK later on as well
soeren
David Boreham david_list@boreham.org Sent by: fedora-directory-users-bounces@redhat.com 02.02.2006 16:50 Please respond to david_list@boreham.org; Please respond to "General discussion list for the Fedora Directory server project." fedora-directory-users@redhat.com
To "General discussion list for the Fedora Directory server project." fedora-directory-users@redhat.com cc
Subject Re: [Fedora-directory-users] Problem with WindowsSync
Sören Malchow wrote:
i have a problem with synching my AD Users.
Everything seems to be fine, login ist ok, DS can reach AD, in a tcpdump i see a search request from the DS, but afterwards there is an answer from the AD server that says
"Can't parse message ID: Wrong type for that item"
Hi, can you post a bit more information about this ? Where exactly do you see that message ?
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
Sören Malchow wrote:
i can see this message when duming network traffic between DS and AD, and when i look at the dump with ethereal this message shows up thousands of time.
Ok one after another
DS uses the AD user i used for sync to successfully bind to AD
The DS issues a search request for the correct Base DN
AD answers
- 1. answer seems to be search result - 2. - nth answer seems to be individual CNs, but in this case
i can see either
"Can't parse message ID: Wrong type for that item"
prepended by "Invalid LDAP packet" or "Can't parse sequence header: Wrong type for that item" prepended by "Invalid LDAP message"
in ethereal.
Ah, I see. I'd suspect a bug in ethereal : I've used it to decode the protocol stream between FDS and AD more times than I can remember, and haven't seen that error. It's as if ethereal is not decoding the packet correctly. Are you running a recent version of ethereal ?
Yes i am running 0.10.13, which is almost the newest i think.
Do you have any other idea how to debug this issue, since there is nothing in the logs.
soeren
David Boreham david_list@boreham.org Sent by: fedora-directory-users-bounces@redhat.com 03.02.2006 16:45 Please respond to david_list@boreham.org; Please respond to "General discussion list for the Fedora Directory server project." fedora-directory-users@redhat.com
To "General discussion list for the Fedora Directory server project." fedora-directory-users@redhat.com cc
Subject Re: [Fedora-directory-users] Problem with WindowsSync
Sören Malchow wrote:
i can see this message when duming network traffic between DS and AD, and when i look at the dump with ethereal this message shows up thousands of time.
Ok one after another
DS uses the AD user i used for sync to successfully bind to AD
The DS issues a search request for the correct Base DN
AD answers
- 1. answer seems to be search result - 2. - nth answer seems to be individual CNs, but in this case
i can see either
"Can't parse message ID: Wrong type for that item"
prepended by "Invalid LDAP packet" or "Can't parse sequence header: Wrong type for that item" prepended by "Invalid LDAP message"
in ethereal.
Ah, I see. I'd suspect a bug in ethereal : I've used it to decode the protocol stream between FDS and AD more times than I can remember, and haven't seen that error. It's as if ethereal is not decoding the packet correctly. Are you running a recent version of ethereal ?
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
389-users@lists.fedoraproject.org