A customer wants to sync their active directory information to our cloudpanel, therefore we want to first try it with our demo dc and fictional local domain.
The logs only say:
2022-12-12 10:32:54,814 [DEBUG] CloudPanel.CPStaticHelpers – Checking if TES is under the limit for section user
2022-12-12 10:32:54,819 [DEBUG] CloudPanel.CPStaticHelpers – Checking if company TES is enabled for Exchange
2022-12-12 10:32:54,821 [DEBUG] CloudPanel.CPStaticHelpers – Checking if company TES is enabled for spam filtering
2022-12-12 10:32:54,870 [DEBUG] CloudPanel.ActiveDirectory.ADUsers – Retrieving the PrincipalContext…
2022-12-12 10:32:54,874 [DEBUG] CloudPanel.ActiveDirectory.ADUsers – Attempting to retrieve user photo for [my username]
It does not sync any changes. No password changes, no displayname changes. These are the most obvious to notice, in my opinion.
I assume you followed this article: https://kb.knowmoreit.com/docs/cloudpanel-adsync/ ? There should be logs on the ADSync side that will give us more information as to what is going on. It does require the email address to be filled out and matching on the AD side to the CloudPanel side
@jdixon Yes, I did follow the article. The email addresses are filled out on both sides and match, but nothing is syncing.
I attached the logs from the ADSync side.
@rechenzentrumkraemer-it-de Is this running the latest release? I assume you are on 3.2.0354 or prior? If so check out this known issue which is what you are facing: http://knowmoreit.com/known-issues/
Workaround: There was a mistake on our end that released a 32-bit version of ADSync when it should of been 64-bit. This causes the service to check the WOW6432Node key which does not exist. To fix this issue, export the key and values from HKEY_LOCAL_MACHINE\SOFTWARE\Know More IT\Sync Service to a registry file, edit the file and change the path to HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Know More IT\Sync Service and import the registry file. This will be resolved in the next release and look back at the 64-bit registry.
@jdixon Thank you, now it works.
Now that I tested it a bit, I have a question.
The option “Sync Precedence” with “-way” in the cloudpanel, what does it sync?
Is it random with side it picks, or does it just sync the latest changes on both sides?
Also in the installation article it says passwords are ‘always synced two-way. (…) The sync precedence applies only to the attributes you select below.‘
But now, you can select the password for syncing. Does that mean that the sync presendence applies to it as well?
@rechenzentrumkraemer-it-de The sync precedence for two-way will be last write wins. You can turn off password syncing completely by unchecking the checkbox and regardless of the presendence set, it won’t sync.
