I would try to get a trace of the failure, you will probably note a dropped (or filtered) packet or really oddly formated ldap query filter.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Al Lilianstrom Sent: Thursday, October 27, 2005 11:24 AM To: [email protected] Subject: [ActiveDir] AD LDAP Error I have a W2K based AD that has a trust with a MIT based realm. In that realm there is a Oracle app that uses the openldap tools to manipulate user objects in AD based on changes to the user entries in the database. The Oracle app uses a Kerberos authenticated ldapsearch and ldapmodify to make these changes. As part of QA in moving the Oracle app from Tru64 to RedHat Enterprise Linux the Oracle people have been creating new user objects and modifying existing user objects in our test domain. Modifying objects works just fine. Creating new ones fail on occasion. The openldap tools give a useful ldif_record() = 81 which points to a i/o error. It doesn't say exactly what it is. The error (after enabling extended logging) in the directory server log is equally useful Event Type: Warning Event Source: NTDS LDAP Event Category: LDAP Interface Event ID: 1216 Date: 10/27/2005 Time: 8:00:30 AM User: N/A Computer: DC3 Description: The LDAP server closed a socket to a client because of an error condition, 87. (Internal ID c0603b6::1577). 1216 points to a couple different errors - none of which seem to fit. My first conversation with Microsoft got me nowhere. I'm calling them back as soon as our access issues get worked out. Any ideas? al -- Al Lilianstrom CD/CSS/CSI [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
