Hi,
While synchronising AD objects from UCS AD Connector is not synchronising few objects and below error is seen in the connector.log file
I have setup UCS AD connection service in “Synchronization of account data between an AD domain and a UCS domain” mode.
04.01.2017 16:13:06,780 LDAP (WARNING): sync to ucs was not successfull, save rejected
04.01.2017 16:13:06,780 LDAP (WARNING): object was: CN=test,OU=388,OU=Managed Users,OU=Users,OU=sss,DC=ddd,DC=aaa,DC=hhh,DC=uk
04.01.2017 16:13:06,797 LDAP (PROCESS): sync to ucs: [ user] [ add] uid=tayll98,ou=388,ou=managed users,ou=users,ou=sdhis,dc=ddd,dc=aaa,dc=hhh,dc=uk
04.01.2017 16:13:07,461 LDAP (ERROR ): failed in post_con_modify_functions
04.01.2017 16:13:07,462 LDAP (ERROR ): Traceback (most recent call last):
File "/usr/lib/pymodules/python2.7/univention/connector/__init__.py", line 1326, in sync_to_ucs
f(self, property_type, object)
File "/usr/lib/pymodules/python2.7/univention/connector/ad/password.py", line 381, in password_sync
res = get_password_from_ad(connector, univention.connector.ad.compatible_modstring(object['dn']))
File "/usr/lib/pymodules/python2.7/univention/connector/ad/password.py", line 166, in get_password_from_ad
connector.open_drs_connection()
File "/usr/lib/pymodules/python2.7/univention/connector/ad/__init__.py", line 850, in open_drs_connection
self.drs, self.drsuapi_handle, bind_supported_extensions = drs_utils.drsuapi_connect(self.ad_ldap_host, lp, repl_creds)
File "/usr/lib/python2.7/dist-packages/samba/drs_utils.py", line 54, in drsuapi_connect
raise drsException("DRS connection to %s failed: %s" % (server, e))
drsException: drsException: DRS connection to DC01.ddd.aaa.hhh.uk failed: (-1073741715, 'Logon failure')
Also I have made some code changes to skip DNS check when UCS AD connector tries to connect with AD Domain controller.
Please see this post for details https://help.univention.com/t/windows-vertrauensstellung/118/1
Can someone please throw some light on this ?
Regards,
Nitin