Hello, I found the solution of my pb.
Endeed, in order to install PCNS with this command-line: "Pcnscfg.exe addtarget /n:crimiis /a:crimiis.mydomain.fr /s:ENTSSO/crimiis.mydomain.fr /fi:"Utilisa. du domaine" /fe:"Admins du domaine" /f:3 /i:0 /d:false", the user must belong to domain admins, that what i did before succesfully. BUT, since one week, while deleting this object with "Pcnscfg.exe DELETETARGET /N:mytargetserver" due to pb with passord sync, and recreating with my previous command, I had this error : "Error adding the target 0x800700EA - ERROR_MORE_DATA" In fact with the "Pcnscfg.exe addtarget....", a sub-container (Password Change Notification Service) is created in "System" container in AD domain partition. In this subcontainer, the target object needed for passord sync is normally appeared after "Pcnscfg.exe addtarget.....". But, it was not my case :-( So I launch the command with the "system account" privilege (at /interactive command) in my DC in order to see if the target is created. And YEEESS!!!!!! So my pb is due more to a loss of privilege of my admin account rather than a ldap error protocol --> strange.... But, i don't know why before it functions well with my admin account, and now it does not function anymore BUT only with local system privilege. The only thing that could explain this, is a reinstall complete of all the DCs (due to hardware failure) that was performed 2 weeks ago.... So if someone could point me to some possible reasons why this loss happened, he would be nice ;-) Anyway, I hope that could help someone here ;-) Cheers, Yann -----Message d'origine----- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de TIROA YANN Envoyé : jeudi 2 juin 2005 18:54 À : ActiveDir@mail.activedir.org Objet : RE: [ActiveDir] LDAP error Yes, thank you for your output. I will install the fix now. I will let U know if it's successfull. Cheers, Yann -----Message d'origine----- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de Mark Parris Envoyé : jeudi 2 juin 2005 17:09 À : ActiveDir@mail.activedir.org Objet : Re: [ActiveDir] LDAP error Are you running the hotfixes as described in 842531 ? Mark -----Original Message----- From: "TIROA YANN" <[EMAIL PROTECTED]> Date: Thu, 2 Jun 2005 16:52:27 To:<ActiveDir@mail.activedir.org> Subject: [ActiveDir] LDAP error Hello everybody :-)) I don't know if it's the right place, but i think i could have good resolution for my pb in this discussion :-) We use MIIS 2003 (Microsoft Identity Integration Server 2003 ) in order to synchronize Active directory 2003 with openLdap. I install Password Change Notification Service (PCNS) in all my DCs. This is for synchronizing the user passords from AD to OpenLdap. EX: a user changes his password (by ctrl+Alt+Del) on his worsktation, the change password is then sent to a DC of the forest. A service (Password Change Notification Service) which is installed on every DCs receives the password and forward it to MIIS which is responsible to forward this to the same user in OpenLdap. The documentation is in attachement is here http://www.microsoft.com/downloads/details.aspx?FamilyId=15032653-D78E-4 D9D-9E48-6CF0AE0C369C&displaylang=en And the concerning document is named "MIIS_2003_Password_Synchronization_Step_by_Step.doc". When I try to Install the Password Change Notification Service (PCNS) on one of my DC by : "Pcnscfg.exe addtarget /n:crimiis /a:crimiis.mydomain.fr /s:ENTSSO/crimiis.mydomain.fr /fi:"Utilisa. du domaine" /fe:"Admins du domaine" /f:3 /i:0 /d:false Error adding the target 0x800700EA - ERROR_MORE_DATA ;-(( I think it is more a probleme with LDAP request to AD. After searching in the net i see this error in http://216.239.59.104/search?q=cache:sy69TW0wJIsJ:msdn.microsoft.com/lib rary/en-us/adsi/adsi/win32_error_codes_for_adsi_2_0.asp+0x800700EA+LDAP& hl=fr "ERROR_MORE_DATA = Partial results and referrals received" that means that my DCs seems not to be able to forward request by client to other DC in other words, the referrals seems not working.... Any help will be greatly appreciated because we are near to put all in production next week :-( PS: i forward the same question to "Yahoo! Groups MMSUG" the MIIS discussion groups, and i wait for an answer, but if someone here could help me ..; :-) Thank U very much. Cheers, Yann List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
