AD sync ignores OU change of objects
I'm using the AD sync feature of RDM to sync RDM sessions with AD server objects.
I noticed, when an AD server object is moved to a different OU in AD, it is not moved (or deleted/created) to the new group in RDM on the next sync.
-------------------
Remote Desktop Manager Enterprise Edition 12.6.6.0 64 Bit - Data Source: SQL Server
Running on Windows Server 2012R2 VMs with Remote Desktop Services feature, serving as common work environment for 30 Windows Server administrators
All Comments (14)
Hello,
What have you set for the setting called "Action on entry mismatch" that you can find in the inner Advanced tab of the synchronizer?
Maurice
Hi Maurice,
the action is set to "Delete".
In addition, I also noticed, that the Description of a session is also not updated if the AD object description field was modified.
-------------------
Remote Desktop Manager Enterprise Edition 12.6.6.0 64 Bit - Data Source: SQL Server
Running on Windows Server 2012R2 VMs with Remote Desktop Services feature, serving as common work environment for 30 Windows Server administrators
Hello,
We will try to reproduce the issue and keep you posted.
Best regards,
Maurice
Hello,
I was able to reproduce your issue partially.
The move of AD objects between containers is not updated but the description is.
A ticket has been submitted to our engineering department.
Thank you so much for reporting this!
Best regards,
Mark Beausejour
Hi Mark,
you're right, descriptions are indeed updated. Maybe I did something wrong when I checked that.
-------------------
Remote Desktop Manager Enterprise Edition 12.6.6.0 64 Bit - Data Source: SQL Server
Running on Windows Server 2012R2 VMs with Remote Desktop Services feature, serving as common work environment for 30 Windows Server administrators
I'm having an issue with existing AD synchronizers. I have them specified to a Servers OU (via LDAP Path) and now it is syncing all domain computers rather than just the Servers computers as it did before.
Hello Cazi,
What version of RDM are you using?
Could you send us a print screen of the LDAP configuration please.
Also, if you try to use the Mode: Custom and to specify the OU/Container DN. Does it sync only the servers OU ?
Best regards,
David Grandolfo
David,
I am running version 12.6.1.0. Attached is the screen shot of the Synchronizer's properties.
Setting the Mode to Custom results in the same issue, all domain PCs sync'ing.
AD Synchronizer.png
Hi,
Could you test with the LDAP Over SSL uncheck and let me know if you have the same problem.
Best regards,
David Grandolfo
The list populated correctly with LDAP Over SSL unchecked. Although, it is now not sending the credentials or computers securely, which we want to avoid.
Hi,
Yes of course to use LDAP Over SSL is better. The test was only to see where the problem is. I need to do more test and I will let you know as soon as I have more information about this problem.
Best regards,
David Grandolfo
After discussion with the engineering department, the LDAP Over SSL button only add ":636" to the domain machine.
Could you try to add manually ":636" to change the mode to Custom enter your domain and manually enter :636 avec the Domain Machine please.
Also, at the same time, could you go to Help --> Profiler -> Debug Only Tab and set the Debug Level to 3. Please let this window open and try to do the LDAPS connection.
If it doesn't work, please send us by email at support@devolutions.net the Profiler log.
Best regards,
David Grandolfo
Appending :636 to the domain machine does work properly. I have sent the Debug Logs to support.
Hi Cazi,
As sent by email, we found from where the problem is coming.
We just solve the problem internally and tested it. In the next release of RDM the patch will be applied.
Best regards,
David Grandolfo