• State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 95 subscribers
  • Views 5471 views
  • Users 0 members are here
Options
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

AD sync project in DEV is not creating any objects at all - but works in UAT

Tim Staddon
over 7 years ago

Hi,

Strange one here - we have two environments sharing the same SQL instance on the same server. There are different job servers for AD in dev and test, but the configurations are mirrored and only the queue names and servers are different. Both environments point to the same AD.

In UAT, we can sync AD and other systems fine, aside from some errors where the UPN is empty for users. But in DEV, although we can see no additional errors or warnings in any of the logs compared to UAT, and the sync project verifies and simulates successfully, no objects get created in the DEV database. At all.

To create the job services manually I used this:

sc CREATE "One Identity Manager Job Service (DEV)" type= own displayName= "One Identity Manager v7.1.2 Job Service (DEV)"

binPath= "C:\Job Service\DEV\viNetworkService.exe"

sc CREATE "One Identity Manager Job Service (UAT)" type= own displayName= "One Identity Manager v7.1.2 Job Service (UAT)"

binPath= "C:\Job Service\DEV\viNetworkService.exe"

 

To set description:

sc description "One Identity Manager Job Service (DEV)" "One Identity Manager v7.1.2 Job Service for SQL Server (DEV)"

sc description "One Identity Manager Job Service (UAT)" "One Identity Manager v7.1.2 Job Service for SQL Server (UAT)"

Then I verified the credentials to our service account.

IN designer, I have checked the queue names for the database job servers match those of the servers, and there are no cross-contaminations - DEV points to a queue \SQL2012_DEV and UAT points to a queue \SQL2012_UAT. I've confirmed this in the jobservice.cfg. I've even checked the ports are different (1880 for DEV, 1881 for UAT) so we're not confusing them either.

 

The AD sync project, and the Manager properties, are set up the same in DEV as in TEST (I created a PROJSHELL export). They have different descriptions in the UI just to avoid any confusion.

 

When I try to save the AD project I get the warning "Some start up configurations cannot be automatically assigned to the associated base object. Select the associated base object for each startup configuration in the list below." This doesn't happen in UAT. But that's the only technical difference I can see. We are even using the same service account.

 

Any ideas what else might be tripping it?

 

Thanks in advance

Parents
  • 0 over 7 years ago
    Hi,

    Thanks, I'm checking that now. I deleted and recreated all the parameters and base objects inside the DEV sync project, and now it seems to be working for populating the ADS namespace.

    I created a user in Manager which triggered the ADSAccount object and the Person object creations, but no account creation. I'll pick it up again tomorrow.

    One thing I have seen... Not sure if this is relevant, but I get a strange error in Manager when I try to validate the AD account:

    Could not connect to net.tcp://localhost:8722/Broadway/ManagedHosts.svc. The connection attempt lasted for a time span of 00:00:02.0468904. TCP error code 10061: No connection could be made because the target machine actively refused it 127.0.0.1:8722.
    Could not connect to net.tcp://localhost:8722/Broadway/ManagedHosts.svc. The connection attempt lasted for a time span of 00:00:02.0468904. TCP error code 10061: No connection could be made because the target machine actively refused it 127.0.0.1:8722.
    No connection could be made because the target machine actively refused it 127.0.0.1:8722
Reply
  • 0 over 7 years ago
    Hi,

    Thanks, I'm checking that now. I deleted and recreated all the parameters and base objects inside the DEV sync project, and now it seems to be working for populating the ADS namespace.

    I created a user in Manager which triggered the ADSAccount object and the Person object creations, but no account creation. I'll pick it up again tomorrow.

    One thing I have seen... Not sure if this is relevant, but I get a strange error in Manager when I try to validate the AD account:

    Could not connect to net.tcp://localhost:8722/Broadway/ManagedHosts.svc. The connection attempt lasted for a time span of 00:00:02.0468904. TCP error code 10061: No connection could be made because the target machine actively refused it 127.0.0.1:8722.
    Could not connect to net.tcp://localhost:8722/Broadway/ManagedHosts.svc. The connection attempt lasted for a time span of 00:00:02.0468904. TCP error code 10061: No connection could be made because the target machine actively refused it 127.0.0.1:8722.
    No connection could be made because the target machine actively refused it 127.0.0.1:8722
Children
No Data