AD driver is on a 4.5 engine.
UserApp is still 4.2

When I perform a code map refresh, I see the new groups in the Groups
Mapping table, but when I try to create a resource and add the group
entitlement, the new groups are not present. Is this a version mismatch
issue? Is there a way around it?

I see this error in server.log:
Caused by: javax.naming.NamingException: [LDAP: error code 80 -
transport failure (-625)]; remaining name ''

Also this:
Unable to complete the CODE MAP refresh for entitlement:
cn=group,cn=gacdomain,cn=driverset1,ou=drvset,ou=i dm,o=services.
com.novell.idm.nrf.exception.NrfException: Error occurred populating
code map table(s) for entitlement:
cn=group,cn=gacdomain,cn=driverset1,ou=drvset,ou=i dm,o=services. The
most likely cause is that the IDM driver containing the entitlement is
not started, or there is a communication issue between the remote loader
and driver. Refer to the following stack trace for more details. A NDS
trace log may help with driver related issues.
at
com.novell.idm.nrf.persist.PopulateCodeMap.populat eFromEntitlementQuery(PopulateCodeMap.java:344)


--
ptown
------------------------------------------------------------------------
ptown's Profile: https://forums.netiq.com/member.php?userid=418
View this thread: https://forums.netiq.com/showthread.php?t=55324