Hi all: I am having a couple of small issues with our IDM setup. We do a one-way sync from eDir to AD. The eDir server is OES11 SP2 and the AD server is Windows 2008 R2. We use IDM 4.0.2 BE with all the latest patches. So here are my issues.

1. If I stop the remote loader on the windows server, the GUI indicates the service has stopped but it has not. I have to manually end the dirxml_remote.exe process before I can restart the remote loader.

2. When I start the remote load with "Trace On" I get messages that indicate "password sync" is not installed on any of my domain controllers.

3. Groups from eDir are not being created in AD. User objects do get created, just not groups. Error in remote loader log is:

<status level="error" type="driver-general" event-id="GR11#20150302180429#99#27:cf51dc9b-04f0-43c2-928a-9bdc51cff004">
<ldap-err ldap-rc="53" ldap-rc-name="LDAP_UNWILLING_TO_PERFORM">
<client-err ldap-rc="53" ldap-rc-name="LDAP_UNWILLING_TO_PERFORM">Unwilling To Perform</client-err>
<server-err>00000057: LdapErr: DSID-0C0420EF, comment: Error in attribute conversion operation, data 0, v1db1</server-err>
<server-err-ex win32-rc="87"/>

Suggestions? I am so close. Thanks.