Hello there,
currently using Axigen server version: 10.3.3.57 (Linux/x64) on a front-end:back-end configuration with LDAP and sync of groups/new users is failing with:
USERDB:00000003: Group member with ldap-id -redacted- is not associated in axigen
USERDB:00000003: End synchronize ADD/MODIFY operation on group entry -redacted- in domain -redacted- with result ‘Axigen error (LDAP configuration conflict)’
Tried using the axigen-ldapForceSync.py + cli2.py and eventhough the scripts end with 2023-06-22 15:00:27 jobFinished normal
the users/groups have no ID associated to them (checking with dry-run mode):
2023-06-22 15:00:32 userReset[(none)] redacted
2023-06-22 15:00:32 groupReset[(none)] redacted
What would you recommend as further steps to debug this Axigen error/conflict ?
Thank you.
------------ SOLVED ----------
Also, in the webadmin > Domains & Accounst > Manage Domains > Domain redacted:
See attached image.
Well, the Not operational part was “solved” by an disable/enable/save action but the sync would still not add IDs for users and new users are not being saved to Axigen.
Hello,
Could you please share the logs that are related to the LDAP synchronization?
HTH,
Ioan
PS: the best option will be to open a support ticket as this is the best way to handle sensitive data that you have “redacted” above.
Hello,
thank you kindly for your response. As per your best option provided I’ve sent an email to support (at) axigen (dot) com providing the log with the relevant(?) lines (log level: protocol communication). Do let me know if more information is required.
Hello,
From the logs I was found I see that there are at least 3 member groups that are reported as not found in Axigen:
Group member with ldap-id xxx-xxx-xxx-xxx-xxx is not associated in axigen
My suggestion is first to identify those 3 group members and secondly get their status in Axigen.
If not present - maybe they are not not found into the LDAP Account Base DN set into the connector.
If present - maybe they have another ID or none - in which case it should be investigated furthermore.
HTH,
Ioan
1 Like
Hello,
thank you very much for your reply.
The main issues (LDAP configuration conflict/script results) was meanwhile resolved, after configuring “LDAP wins” under “Clustering Setup > LDAP Connectors > Connector list > x domain > Synchronization direction > -LDAP to Axigen- > Conflict resolution > -Axigen wins-”
As for the not associated group members, they are not part of a Axigen sync-ed domain therefore not associated in Axigen.
Thank you again for your time,
best regards!
