| Applies To | |||
| Product(s): | ProjectWise Server V8i | ||
| Version(s): | 08.11.05.37 | ||
| Environment: | N/A | ||
| Area: | Authentication Svr - User sync Svc | ||
| Subarea: | N/A | ||
| Original Author: | Bentley Technical Support Group | ||
Problem Description
user keeps getting disabled.
a new user was created in active directory for a new employee, and he was added to the ProjectWise group.
When USS ran it created his account.
The next time USS ran it disabled his account.
We have to keep resetting his account to active everyday.
Solution
Turned up the logging for user sync service and found the following errors.
The User SID in ProjectWise is DMS:S-1-5-21-329068152-2139871995-682003330-7353 and we cant find this sid in AD so we cant map the PW account to a real AD user
2010-01-08 09:00:01,071 WARN [3440] pwise.usersync - constructUserPath - Failed to get account path for account[company\John.Doe [DMS:S-1-5-21-329068152-2139871995-682003330-7352]]: code[0x80070534], err[No mapping between account names and security IDs was done.
In this error we find that there is a user that is a member of a synced group that doesn’t have a SID in PW so we try to sync them. It fails because there is already a user with the same name in PW (Unique constraint violated). In this case we can see the AD user sid, the SID is AD:S-1-5-21-329068152-2139871995-682003330-5122
2010-01-07 18:00:03,492 ERROR [3440] pwise.usersync - Failed to create user 'company\John.doe [LDAP://EngineeringDC.Company.local/DC=local/DC=Company/OU=city/OU=Engineering/CN=John.Doe] [AD:S-1-5-21-329068152-2139871995-682003330-5122]' in the datasource 'engineering02.Company.local:projectwise'.
Unique constraint violated.
So for some reason the user was created in PW with sid that no longer matches the sid in AD. Switching the user to “windows” and then back to “windows sync” should flush / recreate the sid. If not we can go in to the database and fix it.
If that does not work, here are the instructions to fix the sid in the database. I
For the database you would need to look up the userno
Select * from dms_user where o_username = ’John.Doe’
Then we need to look up the sidno id
Select * from ds_mapping where o_itemno = some_userno (some_userno would be the user number found in the first statement)
Then we can look up the sid
Select * from ds_sid where o_sidno = some_sidno (some_sidno would be the sid id found in the previous statement)
To update the sid
UPDATE ds_sid SET
o_sidvalue = ' place sid from log file here' (this is the value that Projectwise is pulling from AD)
where o_sidno = some_sidno; (some_sidno is the sid value found in the previous statement)
See Also
External Links
Bentley Technical Support KnowledgeBase
Comments or Corrections?
Bentley's Technical Support Group requests that you please confine any comments you have on this Wiki entry to this "Comments or Corrections?" sectioXn. THANK YOU!