On 7/27/2012 4:26 PM, eden silva wrote:
>
> hi,
>
> I am configuring a Active Directory Driver in idm 361, but I see the
> following message and the atributte DirXML-ADAliasName is empty in
> eDirectory.
> But the identity is created in Active Directory system.
>
> DirXML Log Event -------------------
> Driver: \IDMDESA1-TREE\MIDDESA\SERVICIOS\IDM\Driver-Set\Active
> Directory
> Channel: Subscriber
> Object:
> \IDMDESA1-TREE\MIDDESA\PERSONAS\INTERNOS\ACTIVO\11896523
> Status: Error
> Message: Code(-9010) An exception occurred:
> novell.jclient.JCException: modifyEntry -672 ERR_NO_ACCESS


First, you need to show more of DStrace, so we can see the event that
comes through that leads to this error.

However 672 is a permission in eDirectory. Likely your Security Equiv
of your driver does not have permission to modify the DirXML-ADAliasname
attribute on the user back in eDirectory.