Results 1 to 9 of 9

Thread: ADAM Replication Problems

  1. #1
    Join Date
    Jul 2006
    Posts
    64

    ADAM Replication Problems

    There is an adam that is replicated between 2 servers running a local system account. We have to move the servers into a different domain. The ip address has stayed the same by the dns name changed and I am not able to get the replication backup. There are total 5 access denied errors that I am getting. I did try to change the dnshost name in the default first sites entries on each of the adams to the correct host names and I am then getting 8453 Replication access was denied errors. What am I suppose to do to change to get the replication back up again? Thanks.

  2. #2
    Join Date
    Jan 2006
    Posts
    2,257

    Re: ADAM Replication Problems

    You will have to update CN=Instances,CN=Roles,CN=Configuration group membership and include both instance service accounts there. By moving the servers to a different domain, you changed the computer account SIDs, they need to be included as members of Instances group. You can also try to remove the old SIDs too.

  3. #3
    Join Date
    Jun 2006
    Posts
    3
    Hi Everybody..I have the following problem..I try to add users from domain 1 to groups in domain 2..I made my program, and it worked..using something like..

    (almost pseudocode, i don't have the code right here)
    try
    {
    DirectoryEntry group = new DirectoryEntry(groupAdd, groupUs, groupPs, authent);
    group.Propierties["member"].add(newMember);
    group.commitChanges();
    }

    where newMember = "CN=SID-1-5..,CN=foreignSecurityPrincipals,DC=domain1,DC=net". And as I said it worked, though now I come back after some days and I see that:

    -WHen I run my code, it doesn't add me the member, throwing me an error that the object doesn't exist.
    -If I add the user to group manually..and then delete it, and run my program, runs OK, with no problem.

    What can be????..

  4. #4
    Join Date
    Nov 2005
    Posts
    1,323

    Re: ADAM Replication Problems

    It seems that you are adding an foreign security principal to a group. The proper way to do that is to specify the DN in the below format:
    <SID=S-1-5-XXX-XXX-XXX>
    After that you have added this member to the group, the FSP object will be auto created for you by the system.

  5. #5
    Join Date
    Jun 2006
    Posts
    3

    Re: ADAM Replication Problems

    Is the way I'm adding, not correct?

    CN=S-1-5..,CN=foreignSecurityPrincipals,DC=domain1,DC=net

    but instead

    <SID=S-1-5..>

    Perhaps is that all the problem?,
    BUT why when I add it manually and then run my program, it works OK?

    Thanks :)

  6. #6
    Join Date
    Jan 2006
    Posts
    830

    Re: ADAM Replication Problems

    After you have added the user using ADSIEdit, the foreignSecurityPrincipal is created for you. Incase you later remove the user from the group/role the fSP is not removed/scavenged which is probably allowing your code to function.

  7. #7
    Join Date
    Jun 2006
    Posts
    3

    Re: ADAM Replication Problems

    Yeap, Lee Flight

    That's surely what is happening, the FSP still lives when the relation between the group and FSP is broken so my program runs OK, I know.
    But then, how to add the user when the FSP isn't created?, that's what is happening to my programm..

    Am i doing something wrong? should i use the format of Dmitri Gavrilov?

  8. #8
    Join Date
    Jan 2006
    Posts
    2,257

    Re: ADAM Replication Problems

    Do what is told to you above and the below will make the fSP for you:

    objGroup.Properties["member"].Add("<SID=S-1-5-21-XXX-XXX-XXX-XXX>");

  9. #9
    Join Date
    Oct 2011
    Posts
    1

    Re: ADAM Replication Problems

    i am facing a problem in replication.when i am replcating a database from my system to another system,i am able to replicate the database but the tables inside that database is not transferring from my syatem to another.can you pls help me on this...
    thank you

Similar Threads

  1. Replication with ADAM failed due to password complexity
    By rowanld in forum Window 2000 Help
    Replies: 3
    Last Post: 06-01-2014, 11:05 AM
  2. ADAM Replication Error
    By Peach in forum Active Directory
    Replies: 3
    Last Post: 17-05-2011, 05:01 PM
  3. Replication problems
    By Tahseen Shahzad in forum Active Directory
    Replies: 3
    Last Post: 01-09-2008, 08:37 AM
  4. Domain Replication Problems
    By Manik in forum Active Directory
    Replies: 7
    Last Post: 25-04-2008, 03:51 AM
  5. ADAM Sync Configuration Problems
    By NGV BalaKrishna in forum Active Directory
    Replies: 10
    Last Post: 13-07-2007, 01:50 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Page generated in 1,710,834,231.76157 seconds with 16 queries