directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Cook, Lee (IS) (Contr)" <>
Subject RE: Active Directory ldif import fails
Date Thu, 25 Mar 2010 13:17:29 GMT
thks stefan.  i was able to test my ldap code against the AD server after all.


From: Stefan Seelmann []
Sent: Tue 3/23/2010 1:05 PM
Subject: Re: Active Directory ldif import fails

Hammond, Steven wrote:
> Yes, AD is Microsoft, and ApacheDS is LdapV3 standards based.
> And if you find any listing of a way to support the AD schema, let me know.  When I looked
18 months ago, Microsoft actively removes any site that tries to publish the AD schema.

You can use Studio to extract the AD schema and import it into ApacheDS.
 [1] and section 3.3. of the paper [2] describe the feature.

> #!ERROR [LDAP: error code 32 - NO_SUCH_OBJECT: failed for Add Request : ClientEntry dn:
OU=BSTT,OU=Projects,DC=bicc,DC=triad,DC=local objectClass: top objectClass: organizationalUnit
subSchemaSubEntry: CN=Aggregate,CN=Schema,CN=Configuration,DC=triad,DC=local gPLink: [LDAP://cn={E753D915-B2C8-4AA8-AAD2-71AFA59C9FB2},cn=policies,cn=system,DC=bicc,DC=triad,DC=local;2][LDAP://cn={D5F6C9AC-9D8A-49CD-8A5E-ABD4A9EF36CA},cn=policies,cn=system,DC=bicc,DC=triad,DC=local;1]
createTimeStamp: 20090326173435.0Z ou: BSTT whenChanged: 20091020152044.0Z gPOptions: 0 instanceType:
4 uSNCreated: 8835 distinguishedName: OU=BSTT,OU=Projects,DC=bicc,DC=triad,DC=local uSNChanged:
8835 whenCreated: 20090326173435.0Z name: BSTT objectCategory: CN=Organizational-Unit,CN=Schema,CN=Configuration,DC=triad,DC=local
modifyTimeStamp: 20091020152044.0Z objectGUID: ?? Q1cF? ???? : Cannot find a partition for,,0.9.2342.19200300.100.1.25=bicc,0.9.2342.19200300.100.1.25=triad,
> dn: OU=BSTT,OU=Projects,DC=bicc,DC=triad,DC=local

There much more issues to solve before you can import the data:
- you need to create a partition for that entry
- you need to import the parent entries first
- you need to remove operational attributes

And if all that is done it should be noted that ApacheDS won't behave
like AD.

Kind Regards,


  • Unnamed multipart/mixed (inline, None, 0 bytes)
View raw message