This content has been marked as final. Show 2 replies
Problem is that the change attribute value in the SafeBoot database is higher than the one the user(s) have in the actual Active Directory.
You can check this for instance, with an LDAP Browser, by looking at a useraccount in the AD and look at the usnchanged attribute.
Now, compare this one to the binding attribute under "Bindings" and you will see that the useraccounts binding in the safeboot database is higher.
This means that the connector assumes that the safeboot useraccount is newer / more recently updated than the one within the Active Directory, and is therefore ignoring the changes.
If you were to simply alter the bindingvalue in the safeboot database back to zero, and resync, it will update it again as you were to run the connector.
If you have many users in the directory which have this issue (most-likely all of them as you've moved the ad, resetting their usnchanged attribute), you can script this -- but this a bit more tricky and not straightforward , if so i would like you to give a call to techsupport, raise a ticket and make sure it gets escalated to me (Eelco, Tier 2 netherlands) on my request.
Hope this helps.
thanks a lot for your response. You solved my problem. Safeboot support is the best I have ever talked to. We use Safeboot since 3 years now and you support guys were always quick and helpful. I hope McAfee will keep you.
Actually the error message was pretty clear and I already had a look at the binding attributes but was not sure if I could change these right away.