ad sync not working

Comments

15 comments

  • Adam Ruth

    Jonathan,

    There aren't any problems we're aware of (which doesn't mean that there aren't any problems). 

    Did any computers come in through the AD Sync, or did it not work at all?  Also, did you verify that the containers you selected were marked to "Include Subtree" (assuming that's what you wanted)?

    0
    Comment actions Permalink
  • itdept

    It did not work at all. I have a specific container set to filter by ou. The computers that I happened to delete from pdq were for this container & nothing would show up on it like it was before. So checking all computers & the specific container showed that the deleted computers were no longer there after trying ad sync now.

    I did not select include subtree because the path that I gave was specific to where the computers were. For example, DOMAIN > IT > COMPUTERS. I don't need anything underneath that ou.

    0
    Comment actions Permalink
  • Adam Ruth

    Jonathan,

    The sync works by using the containers GUID to look them up, is it possible that this container was deleted and recreated after you set up the sync (thereby getting a new GUID)?  If so, you can work around it by deleted and re-adding the containers in the sync preferences.

    This is actually something that we'll be fixing in version 1.1, because of this type of problem, so that the sync works by Distinguished Name instead of GUID.

    0
    Comment actions Permalink
  • itdept

    No, this is a production AD environment. The OU would not have been deleted due to all the GPOs in it & as I mentioned it is production.

    The only thing that I can think of is that you guys had me run a sql command a while back because it wasn't synching properly. It's under another post with "ad sync" in title. Unless that messed it up, I don't know.

    0
    Comment actions Permalink
  • Adam Ruth

    I thought about that, too.  That was dealing with computers that weren't syncing because they had been added manually, it shouldn't have affected new computers, which these would be because they were deleted.

    Can you send in your database?  Perhaps there is something in there still lurking about from one of the early betas that is affecting it.  If you can't e-mail it in, let me know and I'll send you FTP details.

    I've added a task to our development list to add more detailed logging to the AD Sync process which can be turned on to troubleshoot these errors better.

    0
    Comment actions Permalink
  • itdept

    Please send ftp details. DB is 12M. Awfully big for just 135 computers...

    0
    Comment actions Permalink
  • itdept

    It's up.

    0
    Comment actions Permalink
  • Adam Ruth

    Thank you for that, I see the problem.  The containers are all "exclude" instead of "include" containers.  This was probably caused by an upgrade from a prior beta that only had the "include" type.  The interface doesn't do a good job of letting you know what type of container they are, though, and we'll get that fixed to be more than just a different icon.

    Unfortunately, the current version doesn't provide a way to change the type (I've added that to the enhancement list).  For now you can delete them and re-add them using the "Include Container" button.

    0
    Comment actions Permalink
  • itdept

    I deleted the previous ones from ad sync & re-added with the include container button. Did a sync now & the # of computers still hasn't changed.

    I deleted 1 pc & that pc was not brought back. I had also moved 1 pc out of an ou to an ou not synched & it wasn't removed.

    0
    Comment actions Permalink
  • Adam Ruth

    The one not being removed would be the same problem you had before, since the computer was re-added manually.  The next update will have a fix for this but in the meantime you can that SQL script we sent you before (if you don't have it any more, I'll send it again).

    As for the computer not being added, can you close and re-open your console and see if it shows up?  The current version has some issues with showing computers that have been added in the background by a sync, which we've fixed for the next update.

    0
    Comment actions Permalink
  • itdept

    I don't get it. Why do I have to run the command again? Didn't I just have to do it just that one time?

    The adding finally worked.

    0
    Comment actions Permalink
  • Adam Ruth

    The current sync mechanism won't delete computers that were added manually and the script updates any manually added computers to make them look like they were added via an AD sync.  When the AD sync was broken and you added the computers back manually then that information was reset for them, so the script would need to be run again to mark them as "AD Sync" computers.

    This has been fixed in our next version, which you can wait for if you'd prefer.  It'll be going to beta very soon, hopefully in the next 24 hours.  

    0
    Comment actions Permalink
  • itdept

    Ok so if I delete every computer right now & do an AD sync now it will work correctly?

    0
    Comment actions Permalink
  • Adam Ruth

    Yes, it should work fine now that you've replaced the AD sync containers.

    0
    Comment actions Permalink
  • Shane Corellian

    This issue was resolved in version 1.1 Release 1 in February 2012. If you select the Delete Mode: Delete All (Full Sync) in your AD Sync preferences then all target computers must exist in specified "Sync" containers regardless of how they were originally added to Inventory. 

    http://www2.adminarsenal.com/docs-pdqinventory?ad_sync_preferences.htm

    0
    Comment actions Permalink

Please sign in to leave a comment.