Services Administration Guide Instruction Manual

Troubleshooting
Is there a way to change the Non-Address Primary Key Attribute for users
manually once the directory sync utility has synced users in the message
security service?
Yes. The purpose of this field is to store something stable and unique from the
LDAP directory and then use that to compare users later.
If you use the optional field for Non-Address Primary Key Attribute, and then you
change this attribute to something other than the original Non-Address Primary
Key Attribute, the directory sync utility will change the setting for users.
Do not change any user addresses in the same synchronization in which you change
the Non-Address Primary Key Attribute, or the users will be deleted and created
again, losing data. If you have any username changes, run an additional sync
before you change your Non-Address Primary Key Attribute.
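The ordering rule above, shown with a simplified model added here for illustration (it is not the directory sync utility's code or its actual matching algorithm). It assumes users are matched on the stored key first and on address second, and uses constructed records with employeeNumber and uid as hypothetical key attributes.

```python
# Added illustration: simplified model of key-based user matching.
# Not the directory sync utility's code. All records below are constructed.

def plan_sync(service_users, ldap_entries, key_attr):
    """Classify LDAP entries against users already stored in the service.

    Assumed matching order: stored key first, then address.
    """
    by_key = {u["key"]: u for u in service_users if u["key"]}
    by_addr = {u["address"]: u for u in service_users}
    plan = {"keep": [], "rename": [], "rekey": [], "add": [], "delete": []}
    matched = set()
    for entry in ldap_entries:
        key, addr = entry.get(key_attr), entry["mail"]
        user = by_key.get(key) or by_addr.get(addr)
        if user is None:
            plan["add"].append(addr)          # looks like a brand-new user
            continue
        matched.add(user["address"])
        if user["address"] != addr:
            plan["rename"].append((user["address"], addr))  # data preserved
        elif user["key"] != key:
            plan["rekey"].append(addr)        # stored key updated in place
        else:
            plan["keep"].append(addr)
    # Anything in the service that no LDAP entry matched is removed.
    plan["delete"] = [u["address"] for u in service_users
                      if u["address"] not in matched]
    return plan

# Constructed state: the service holds two users keyed on employeeNumber.
SERVICE = [{"address": "ann@example.com", "key": "1001"},
           {"address": "bob@example.com", "key": "1002"}]
# Constructed LDAP export in which Ann's address has changed.
LDAP = [{"mail": "ann.lee@example.com", "employeeNumber": "1001", "uid": "alee"},
        {"mail": "bob@example.com", "employeeNumber": "1002", "uid": "bob"}]

def after_first_sync():
    """Service state once the rename has been synced with the old key."""
    return [{"address": "ann.lee@example.com", "key": "1001"},
            {"address": "bob@example.com", "key": "1002"}]

if __name__ == "__main__":
    print(plan_sync(SERVICE, LDAP, "employeeNumber"))   # rename only
    print(plan_sync(SERVICE, LDAP, "uid"))              # add + delete for Ann
    print(plan_sync(after_first_sync(), LDAP, "uid"))   # rekey only
```

In the model, changing the key attribute while an address change is pending leaves nothing to match the user on, so the plan contains a delete and an add; syncing the address change first leaves only in-place key updates.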
After a user is deleted, then added again, non-fatal errors occur during
synchronization.
You can safely ignore non-fatal error messages stating that directory sync tried
to add an alias that already exists.
The directory sync utility preserves alias information after deleting a user, and
keeps that information for a period of time. If the user is added again, the user still
has all the same aliases, which can cause a warning message when the directory
sync utility tries to add them again.
Some users on the LDAP server have aliases in another domain that is not listed
in the message security service. Is there a way to exclude aliases from
synchronization?
No. The directory sync utility will attempt to add these aliases and fail. If this
happens, you can safely ignore the warning messages.
How can I set up the directory sync utility to use a Global Catalog?
Set Configuration Manager to connect to port 3268 instead of 389. You will also
need to set up your LDAP scope and queries appropriately for the Global Catalog.
For more information on appropriate LDAP queries for a Global Catalog, see your
LDAP server documentation or contact your LDAP administrator.
An LDAP query that includes a wildcard isn’t working with Lotus Domino LDAP.
Lotus Domino has a setting for “Minimum characters for wildcard search” that
controls how wildcard LDAP searches work. Update your search to include more
characters, or change this setting to a lower number.
System Tests
If you encounter problems, use the tests in Configuration Manager to find the
problem:
1. In Configuration Manager, open the XML file you are using for configuration.