Hi Jonas, I don't have any experience with Java and AD, but I can give some sugestions.
1. Doing an LDAP_MOD on a value to replace it with the same value does not actually change anything; AD throws the operation out, no timestamps are updated, and no replication takes place. 2. Do you have more than one DC? If so, you may be making the change on one DC and looking for the results on another DC. If replication hasn't taken place, you will see inconsistent results. 3. You might check the following MSDN article on strategies for synchronizing AD with other data stores: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/netdir/ad/t racking_changes.asp?frame=true What's the point of forcing an update of all objects every night? It seems that would generate a lot of unnecessary processing. -gil -----Original Message----- From: Jonas Almfeldt [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 01, 2003 4:02 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Problem updating object attributes in Active Directory -Using Directory SDK Hi, I use Directory SDK 4.0 for Java to syncronize data from Oracle to an Active Directory directory. My first observation of this problem was that the "whenChanged" attribute of AD objects does not always change when I perform LDAP Modify operations against the AD. The sync program performs a total update of all user/group objects every night. Performing LDAP MODify on each user/group object (even if nothing has changed since last time). One important effect of this is that the whenChanged timestamp attribute should be updated every time. At least that works fine with iPlanet Directory server. I have tried to solve the problem by using an unused object attribute, "url", to put a timestamp in programmatically. This works fine for some of the objects updated, but not for all objects. For some objects, the "url" attribute did not get set at all. No ldapexceptions are thrown, everything seems to be OK until I browse the AD-tree to check the attribute values manually and discover that some objects has not been updated as they should have. Is there anyone out there that has had a similar problem with directory SDK and Active Directory? Greatful for help on this issue. List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
