If you can not get access to the log, try moving to LDAP (not LDAPS) and make a network capture through Wireshark.
Regards, -- Sebastien BAHLOUL IAM / Security specialist Ldap Synchronization Connector : http://lsc-project.org Blog : http://sbahloul.wordpress.com/ 2011/9/30 <[email protected]> > Here ist the LSC Debug Output: > > Sep 30 10:29:29 - DEBUG - Reading configuration from > /opt/lsc-openldap2ad/etc/ > Sep 30 10:29:29 - DEBUG - Loading configuration url: > file:/opt/lsc-openldap2ad/etc/lsc.properties > Sep 30 10:29:29 - INFO - Starting sync for user > Sep 30 10:29:29 - INFO - Connecting to LDAP server > ldaps://serversrc/dc=srcdomain,dc=local as cn=adsync,dc=srcdomain,dc=local > Sep 30 10:29:29 - DEBUG - Using JNDI URL setting of > "ldaps://serversrc:636/dc=srcdomain,dc=local??base?(objectclass=*) " > Sep 30 10:29:30 - DEBUG - Adding 'F' sync type for attribute name > objectClass. > Sep 30 10:29:30 - DEBUG - Adding 'K' sync type for attribute name > unicodePwd. > Sep 30 10:29:30 - DEBUG - Adding 'F' sync type for attribute name default. > Sep 30 10:29:30 - DEBUG - Synchronizing user for {employeenumber=999998} > Sep 30 10:29:30 - INFO - Connecting to LDAP server > ldap://serverdst.dstdomain.local:389/dc=dstdomain,dc=local as > CN=adsync,CN=Users,DC=dstdomain,DC=local with STARTTLS extended operation > Sep 30 10:29:30 - DEBUG - Using JNDI URL setting of > "ldap://serverdst.dstdomain.local:389/dc=dstdomain,dc=local??base?(objectclass=*) > " > Sep 30 10:29:31 - INFO - All entries: 1, to modify entries: 0, modified > entries: 0, errors: 0 > Sep 30 10:29:31 - INFO - Starting clean for user > Sep 30 10:29:31 - DEBUG - Using pagedResults control for 1000 entries at a > time > Sep 30 10:29:31 - INFO - All entries: 1, to modify entries: 0, modified > entries: 0, errors: 0 > > I changed the line: <logger name="org.lsc" level="DEBUG"> is this enough? > > Also i do not have direct access to the openldap, but the guy swears there > is nothing in the log... so i am not sure what he should look for? > > 2011/9/30 Sébastien Bahloul <[email protected]> > >> The LDAP logs does not contain an error every time, but with them we can >> see that a variable is not replaced or the value is not correct (may be >> either a configuration issue or a software bug anyway. >> >> To debug, replace INFO with DEBUG. >> >> Regards >> >> -- >> Sebastien BAHLOUL >> IAM / Security specialist >> Ldap Synchronization Connector : http://lsc-project.org >> Blog : http://sbahloul.wordpress.com/ >> >> >> >> 2011/9/30 <[email protected]> >> >> Hi Sebastien, >>> >>> this ist the strange part, i get no errors on openldap and ad. If you >>> refer to the lsc tool, i have to admit i don't know how to enable debug? I >>> guess there is something with the logback xml but i do not understand what >>> to there... >>> >>> Also i should add, i user lsc 1.2.1 >>> >>>> >>>>> 2011/9/29 Sébastien Bahloul <[email protected]> >>>>> >>>>>> Hi Cain, >>>>>> >>>>>> It's quite complex to help you to solve your problem if you do not >>>>>> provide at least a log, either info or debug level. >>>>>> >>>>>> Regards, >>>>>> >>>>>> -- >>>>>> Sebastien BAHLOUL >>>>>> IAM / Security specialist >>>>>> Ldap Synchronization Connector : http://lsc-project.org >>>>>> Blog : http://sbahloul.wordpress.com/ >>>>>> >>>>>> >>>>>> >>>>>> 2011/9/29 <[email protected]> >>>>>> >>>>>>> Hello, >>>>>>> >>>>>>> i asked this question a few weeks ago unfortunately i did not get an >>>>>>> answer so i try again: >>>>>>> >>>>>>> i have a problem that sometimes i have to rename some user which also >>>>>>> includes the uid in the openldap which is mapped to the sAMAccount. >>>>>>> >>>>>>> When i rename a user sometimes it works that he renames it correctly, >>>>>>> but never twice.(Eg. it works sometimes to rename user1 to user2, but >>>>>>> never >>>>>>> to rename user2 to user 3) >>>>>>> >>>>>>> But mostly the lsc tool tells me there is nothing that has changed >>>>>>> and so it does nothing. >>>>>>> >>>>>>> >>>>>>> >>>>>>> _______________________________________________________________ >>>>>>> Ldap Synchronization Connector (LSC) - http://lsc-project.org >>>>>>> >>>>>>> lsc-users mailing list >>>>>>> [email protected] >>>>>>> http://lists.lsc-project.org/listinfo/lsc-users >>>>>>> >>>>>>> >>>>>> >>>>> >>>> >>> >>> _______________________________________________________________ >>> Ldap Synchronization Connector (LSC) - http://lsc-project.org >>> >>> lsc-users mailing list >>> [email protected] >>> http://lists.lsc-project.org/listinfo/lsc-users >>> >>> >> > > _______________________________________________________________ > Ldap Synchronization Connector (LSC) - http://lsc-project.org > > lsc-users mailing list > [email protected] > http://lists.lsc-project.org/listinfo/lsc-users > >
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
