On 10/04/2011 10:29 AM, Aaron Hagopian wrote:

access log on the 389 machine?  what version of 389-ds-base?  what platform?

It doesn't look like the AD server has ever shown up in the access log so I imagine this is purely a passsync issue.  

We are running Windows Server 2008 R2.  My hunch is that UAC is messing this up.  When I went to "check" on the settings under the "change" option from add/remove programs, all the options are blank.  I then re-input them all and upon bringing up the settings again, the options are still blank.  

Any ideas how to beat UAC for this?  We may need to disable UAC, change the settings and then re-enable UAC which unfortunately takes a lot of reboots.
I don't know.  I've never seen this before.  Are you logged into the Windows DC as Administrator?

[root@claw slapd-claw]# rpm -qi 389-ds-base
Name        : 389-ds-base                  Relocations: (not relocatable)
Version     :                           Vendor: Fedora Project
Release     : 1.el5                         Build Date: Mon 02 May 2011 11:36:56 AM CDT
Install Date: Tue 28 Jun 2011 08:02:38 AM CDT      Build Host: x86-10.phx2.fedoraproject.org
Group       : System Environment/Daemons    Source RPM: 389-ds-base-
Size        : 4953090                          License: GPLv2 with exceptions
Signature   : DSA/SHA1, Mon 02 May 2011 12:00:08 PM CDT, Key ID 119cc036217521f6
Packager    : Fedora Project
URL         : http://port389.org/
Summary     : 389 Directory Server (base)

x86_64 RHEL 5