I can't seem to figure out what is wrong with my AD password filter
setup. I have an AD environment with 4 DCs (two 2008 and two 2012). I
have the remote loader on one of the 2012 DCs. All the FSMO roles are
on one of the 2008 DCs still. Everything seems to be set up fine, all
filters are loaded and show running in the control panel, registry keys
look right, everything looks good. But when I change a password in AD,
I never see the event sent to the IdM engine. I can see password
changes being caught by the remote loader:


Code:
--------------------

DirXML: [09/24/15 12:02:16.53]: ADDriver: Publisher Poll
DirXML: [09/24/15 12:02:16.62]: ADDriver: get object changes - 0x0000
DirXML: [09/24/15 12:02:16.62]: ADDriver: process object change entry
DirXML: [09/24/15 12:02:16.62]: ADDriver: Processing change from AD: isDeleted: NULL, whenCreated NULL, name NULL
DirXML: [09/24/15 12:02:16.62]: ADDriver: Publisher MODIFY
DirXML: [09/24/15 12:02:16.62]: ADDriver: Publisher Modify- effectiveClassQuery dn=CN=00Test User9,OU=zzz,OU=Users,OU=yyy,DC=xxx,DC=com className=user
DirXML: [09/24/15 12:02:16.62]: ADDriver: accountExpires
DirXML: [09/24/15 12:02:16.64]: ADDriver: mail
DirXML: [09/24/15 12:02:16.64]: ADDriver: sAMAccountName
DirXML: [09/24/15 12:02:16.64]: ADDriver: userPrincipalName
DirXML: [09/24/15 12:02:16.64]: ADDriver: [PWD] PasswordSync::getUserData()
DirXML: [09/24/15 12:02:16.64]: ADDriver: [PWD] PasswordSync::getUserData().... checking that RPC Server is listening
DirXML: [09/24/15 12:02:16.64]: ADDriver: [PWD] PasswordSync::getUserData().... checking that RPC Server is listening
DirXML: [09/24/15 12:02:16.64]: ADDriver: [PWD 3816] PassSyncCache::GetPwdInfoByUser()
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] PassSyncCache::GetPwdInfoByUser() Looking for specific Username[00TestUser9]
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] GetPwdInfoByUser() - open the cache. Key = SOFTWARE\Novell\PassSync\Data\XXX.COM
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] GetPwdInfoByUser() - acquire the mutex.
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] GetPwdInfoByUser() - mutex acquired.
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] GetPwdInfoByUser() - get number of registry keys.
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] GetPwdInfoByUser() - dwSubKeys[0] dwPrefMaxEntries[1] *lpdwResumeHandle[0] lpszUserName[00TestUser9].
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] GetPwdInfoByUser() - release the mutex.
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] GetPwdInfoByUser() - mutex released.
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] GetPwdInfoByUser() - close the cache.
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] PassSyncCache::GetPwdInfoByUser() returned 0x00000000
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD] PasswordSync::getUserData() returned 0x00000000
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] PassSyncCache::FreeSyncData()
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] PassSyncCache::FreeSyncData() returned.
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD] PasswordSync::DataEnum()
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD] PasswordSync::DataEnum().... checking that RPC Server is listening
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD] PasswordSync::DataEnum().... checking that RPC Server is listening
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] PassSyncCache::GetPwdInfo()
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] PassSyncCache::GetPwdInfo() Looking for specific Username[(null)]
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] GetPwdInfo() - open the cache. Key = SOFTWARE\Novell\PassSync\Data\XXX.COM
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] GetPwdInfo() - acquire the mutex.
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] GetPwdInfo() - mutex acquired.
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] GetPwdInfo() - get number of registry keys.
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] GetPwdInfo() - dwSubKeys[0] dwPrefMaxEntries[-2] *lpdwResumeHandle[0] lpszUserName[(null)].
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] GetPwdInfo() - Query only returned 0.
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] GetPwdInfo() - release the mutex.
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] GetPwdInfo() - mutex released.
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD] PasswordSync::DataEnum() returned 0x00000000


--------------------


Here I just went into ADUC and changed the user's password right on the
machine with the RL. But I never ever see the shim send it to the
engine. Nothing.

I've removed everything, reinstalled, started fresh, rebooted. I'm
baffled. The other weird thing is I see log entries like this in the
remote loader log for each DC:


Code:
--------------------

DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD] PassSyncExchangeData()
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD] - AddDCKey()
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD] - AddDCKey() domain controller W2K8DC1.xxx.com is not in list
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD] - AddDCKey() returned 0x00000774.
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD] - Trying to add DC W2K8DC1.xxx.com to List
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD 2616] - PwdVerifyDomainController()
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD 2616] GetPDCName()
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD 2616] GetPDCName() - Query for DCs using DsGetDcName
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD 2616] PwdDsGetDcName()
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD 32762] PwdDsGetDcName() returned 0x00000000
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD 2616] sPDCName = W2K8DC1.xxx.com
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD 2616] GetPDCName() returned 0x00000000
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD 2616] PwdDsGetDcName()
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD 32762] PwdDsGetDcName() returned 0x00000000
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD 2616] PwdDsGetDomainControllerInfo()
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD] PwdCrypt::DecryptObjectPassword()
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD] PwdCrypt::CreateKeyContainer()
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD] PwdCrypt::GetCspName()
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD] PwdCrypt::GetCspName() returned 0X00000000
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD] PwdCrypt::CreateKeyContainer() returned 0x00000000
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD] PwdCrypt::DecryptObjectPassword() obtained handle successfully
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD] PwdCrypt::DecryptObjectPassword() obtained session key successfully
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD] PwdCrypt::DecryptObjectPassword() returned 0x00000000
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD 2616] PwdDsGetDomainControllerInfo()GetAuthData username=idmadmin@xxx.com


--------------------


This is all latest 4.5 code, current patches. All DCs are virtual,
running in VMware.

Thanks for any ideas.


Matt


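
An added example, not part of the original post and not NetIQ tooling: a small Python triage pass over Remote Loader trace of the kind quoted above. It pulls out every `[PWD]` call that returned a non-zero code, the `dwSubKeys` value seen on each password-cache lookup, and the DCs reported as "not in list". The sample lines are copied from the traces in the post; the function and variable names are hypothetical.

```python
import re

# Sample lines copied from the Remote Loader traces quoted in the post above.
SAMPLE = r"""
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] GetPwdInfoByUser() - open the cache. Key = SOFTWARE\Novell\PassSync\Data\XXX.COM
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] GetPwdInfoByUser() - dwSubKeys[0] dwPrefMaxEntries[1] *lpdwResumeHandle[0] lpszUserName[00TestUser9].
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] PassSyncCache::GetPwdInfoByUser() returned 0x00000000
DirXML: [09/24/15 12:02:16.65]: ADDriver: [PWD 3816] GetPwdInfo() - dwSubKeys[0] dwPrefMaxEntries[-2] *lpdwResumeHandle[0] lpszUserName[(null)].
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD] - AddDCKey() domain controller W2K8DC1.xxx.com is not in list
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD] - AddDCKey() returned 0x00000774.
DirXML: [09/24/15 12:01:55.93]: ADDriver: [PWD] PwdCrypt::GetCspName() returned 0X00000000
"""

# A password-sync trace line: timestamp, driver name, [PWD] or [PWD <thread id>], message.
PWD_LINE = re.compile(r"^DirXML: \[(?P<ts>[^\]]+)\]: \S+: \[PWD(?: \d+)?\]\s+(?:- )?(?P<msg>.*)$")
RETURNED = re.compile(r"(?P<func>[\w:]+)\(\)\s+returned\s+(?P<code>0[xX][0-9A-Fa-f]+)")
LOOKUP = re.compile(r"(?P<func>\w+)\(\) - dwSubKeys\[(?P<n>-?\d+)\].*lpszUserName\[(?P<user>[^\]]*)\]")
NOT_IN_LIST = re.compile(r"domain controller (?P<dc>\S+) is not in list")

def triage(trace):
    """Collect non-zero return codes, cache lookups and unlisted DCs from a trace."""
    report = {"nonzero_returns": [], "cache_lookups": [], "dcs_not_in_list": []}
    for line in trace.splitlines():
        m = PWD_LINE.match(line.strip())
        if not m:
            continue  # not a [PWD] line
        ts, msg = m.group("ts"), m.group("msg")
        if (r := RETURNED.search(msg)) and int(r.group("code"), 16) != 0:
            report["nonzero_returns"].append((ts, r.group("func"), int(r.group("code"), 16)))
        if (c := LOOKUP.search(msg)):
            report["cache_lookups"].append((ts, c.group("func"), c.group("user"), int(c.group("n"))))
        if (d := NOT_IN_LIST.search(msg)) and d.group("dc") not in report["dcs_not_in_list"]:
            report["dcs_not_in_list"].append(d.group("dc"))
    return report

if __name__ == "__main__":
    result = triage(SAMPLE)
    for ts, func, code in result["nonzero_returns"]:
        print(f"{ts}  {func}() returned 0x{code:08X}")
    for ts, func, user, n in result["cache_lookups"]:
        print(f"{ts}  {func}() lookup for {user}: dwSubKeys={n}")
    print("DCs not in list:", ", ".join(result["dcs_not_in_list"]))
```

On the lines from the post this reports `AddDCKey()` returning 0x00000774 for W2K8DC1.xxx.com and both cache lookups seeing `dwSubKeys` of 0.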