Ureader.com  
Microsoft software help and Community
   home   |   control panel login   |   archive   |  
 
Exchange
2000.active.directory
2000.admin
2000.announcements
2000.app.conversion
2000.applications
2000.clients
2000.clustering
2000.connectivity
2000.development
2000.documentation
2000.general
2000.information.store
2000.interop
2000.kms
2000.misc
2000.protocols
2000.realtime.collabo.
2000.setup
2000.transport
2000.win2000
admin
application.conversion
applications
clients
clustering
connectivity
design
development
misc
mobility
setup
tools
  
 
date: Sat, 12 Nov 2005 07:46:47 -0500,    group: microsoft.public.exchange2000.active.directory.integration        back       


Lotus Notes Connector and Directory Synchronization    
I am being faced with an interesting issue in regards to exporting Active
Directory objects to Lotus Notes using the Lotus Notes Connector. When I try
to initiate an export I receive the following error in the Application log.

-----------------------------------------
Event Type: Warning
Event Source: MSExchangeADDXA
Event Category: Replication
Event ID: 8340
Date:
Time:
User:  N/A
Computer:
Description:
ADC could not replicate CN=EndUser,CN=Users,DC=contoso,DC=com because it is
secured and the connection agreement does not allow secured objects to
replicate.
-----------------------------------------

I have so far been able to determine that this is due to the fact that we
have a single Deny ACE on every object in Active Directory, and therefore 
the
connector classifies the object as "secured". This Deny ACE has no
relationship to the permissions necessary to operate the connector, and 
there
is no way I can remove the Deny ACE since it has security policy
implications.

What I find puzzling is that:
1) The error message specifically references ADC, and CONNECTION AGREEMENT,
where I am clearly using a CONNECTOR. These are two seperately defined 
object
classes in the schema, msExchConnectionAgreement and msExchNotesConnection,
respectively.

2) The available settings of the Lotus Notes Connector does not provide a
means to allowed synchronization of secured objects. However, a Connection
Agreement does through an available setting that translates to an attribute
value in the msExchConnectionAgreement object class; the attribute is
msExchADCOptions.

Here is my question:
First off, has anyone dealt with this particular situation and had a fix?
Assuming no, I would like to then get a professional opinion on the test I
plan to perform.

Basically, since I know that the msExchADCOptions attribute controls whether
to synchronize "secured" objects in the context of a Connection Agreement.
Could this same attribute be added to the msExchNotesConnector object class
and set to the appropriate value in order to therefore control its behavior?
date: Sat, 12 Nov 2005 07:46:47 -0500   author:   Jeon Calhoun

Google
 
Web ureader.com


    COPYRIGHT 2007, YARDI TECHNOLOGY LIMITED, ALL RIGHT RESERVE  |   contact us