Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Unity in two AD domains, but one "Schema Master"

Hi,

With the setup described belowe, I'm not able to import users from both AD domains.

In the setup there are two seperate AD domains, but with the same "Schema Master" and only one Exchange-site for both of them.

I have runned the schema changes on the "Schema Master", but when I try to import users from the second domain, it fails with the following error: An unrecognized error has occurred. The new subcriber was not successfully added.

Do anyone knows what the problem might be?

Thanks in advance.

Kind regards

Michael Gregersen

5 REPLIES
Cisco Employee

Re: Unity in two AD domains, but one "Schema Master"

Unity is going to need to modify a few attributes on the Users that are to be imported. The AvDSAD service is the guy that takes care of this work. What's probably going on is that the account that the AvDSAD service is running under does not have sufficient permissions to modify Users in the other Domain. To verify this, set the AvDSAD traces, reproduce and post the results.

If the system is 3.1.5, and you're having trouble in that area, there will be an event log error from the AvDSAD.

Cisco Employee

Re: Unity in two AD domains, but one "Schema Master"

Also, you might want to check out the new Directory Access Diagnostics tool - it's designed to help run down permissions problems with new adds an imports just like this. You can get the tool (along with a training video for it) here:

http://www.ciscounitytools.com/App_DAD.htm

New Member

Re: Unity in two AD domains, but one "Schema Master"

After using the DAD tool, everything seems fine, everything passes the tests. I'm also able to find the user in Unity afterwards, but when I click on the user I just get "this page could not be displayed correctly", and the user shows up in the list without an directory-number assigned. I have done some traces, but I'm not able to understand them correctly, it seems to me that somthing goes wrong in the LDAP rights, but I'm not sure about this.

Cisco Employee

Re: Unity in two AD domains, but one "Schema Master"

If the DAD results panned out, this might not be a permissions issue at all. If you can post some traces, I can take a look. I'm now interested in...

AlCommon - 10

AvSaDbComm - everything

AvRdbSvr - 10

DalDb - 10

Doh -10

Reproduce the failure, and then go ahead and turn the traces off.

New Member

Re: Unity in two AD domains, but one "Schema Master"

Hi,

I have done the traces requested, is there an email address I can send these to? Thanks in advance....

/michael

165
Views
0
Helpful
5
Replies