I have an AD driver running on a Windows 2008 R2 server. The server runs
eDirectory (with a replica of the whole tree), IDM and is a DC, so there
is no remote loader and all IDM communication for this driver occurs
solely on this box. There are other DCs, and each has the password
filter installed and shows as "Running". Passwords synchronize from
eDirectory to AD, but not the other way around. "Identity Manager
accepts passwords from the application" is set to TRUE, Publish
passwords to NDS password is FALSE, and Publish passwords to
Distribution Password is TRUE.

Here is what I see when with the log level set to 5 when I change the
password in ADUC for the user "portt":


[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: Publisher MODIFY
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: Publisher Modify-
effectiveClassQuery dn=CN=test
port,OU=Migration,OU=Users,OU=snip,DC=auth,DC=snip ,DC=local
className=user
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: accountExpires
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: description
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: dirxml-uACAccountDisable
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: displayName
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: extensionAttribute1
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: facsimileTelephoneNumber
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: givenName
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: initials
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: l
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: logonHours
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver:
physicalDeliveryOfficeName
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: postOfficeBox
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: postalCode
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: sAMAccountName
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: sn
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: st
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: streetAddress
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: telephoneNumber
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: title
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: userPrincipalName
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD]
PasswordSync::getUserData()
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD]
PasswordSync::getUserData().... checking that RPC Server is listening
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD]
PasswordSync::getUserData().... checking that RPC Server is listening
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD 2804]
PassSyncCache::GetPwdInfoByUser()
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD 2804]
PassSyncCache::GetPwdInfoByUser() Looking for specific Username[portt]
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD 2804]
GetPwdInfoByUser() - open the cache. Key =
SOFTWARE\Novell\PassSync\Data\AUTH.snip.LOCAL
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD 2804]
GetPwdInfoByUser() - acquire the mutex.
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD 2804]
GetPwdInfoByUser() - mutex acquired.
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD 2804]
GetPwdInfoByUser() - get number of registry keys.
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD 2804]
GetPwdInfoByUser() - dwSubKeys[1] dwPrefMaxEntries[1]
*lpdwResumeHandle[0] lpszUserName[portt].
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD 2804]
GetPwdInfoByUser() - release the mutex.
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD 2804]
GetPwdInfoByUser() - mutex released.
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD 2804]
GetPwdInfoByUser() - close the cache.
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD 2804]
PassSyncCache::GetPwdInfoByUser() returned 0x00000002
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD]
PasswordSync::getUserData() returned 0x00000002
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD] PasswordSync::
DataEnum()
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD] PasswordSync::
DataEnum().... checking that RPC Server is listening
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD] PasswordSync::
DataEnum().... checking that RPC Server is listening
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD 2804]
PassSyncCache::GetPwdInfo()
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD 2804]
PassSyncCache::GetPwdInfo() Looking for specific Username[(null)]
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD 2804] GetPwdInfo() -
open the cache. Key = SOFTWARE\Novell\PassSync\Data\AUTH.snip.LOCAL
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD 2804] GetPwdInfo() -
acquire the mutex.
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD 2804] GetPwdInfo() -
mutex acquired.
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD 2804] GetPwdInfo() -
get number of registry keys.
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD 2804] GetPwdInfo() -
dwSubKeys[1] dwPrefMaxEntries[-2] *lpdwResumeHandle[0]
lpszUserName[(null)].
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD 2804] GetPwdInfo() -
Query only returned 1.
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD 2804] GetPwdInfo() -
release the mutex.
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD 2804] GetPwdInfo() -
mutex released.
[09/14/12 15:26:11.470]:IDV2AUTH PT:ADDriver: [PWD] PasswordSync::
DataEnum() returned 0x00000000
[09/14/12 15:26:11.486]:IDV2AUTH PT:Receiving DOM document from
application.


But that's ALL I see, and the password doesn't change in eDirectory. I
honestly can't tell if there's an error in what I posted above - can
anyone tell me why it isn't working?


--
ambradley
------------------------------------------------------------------------
ambradley's Profile: https://forums.netiq.com/member.php?userid=177
View this thread: https://forums.netiq.com/showthread.php?t=3045