KNOWN ISSUE: Active Directory Synchronization schedule is deleting imported users.
Last Updated January 30, 2014
Customer has used the AD Import User rule to import their Users. They import successfully. There are about 5,636 users listed in the All Resources page in the SMP Console. When the Active Directory Synchronization schedule runs, those users are deleted. In the Console, under All Resource>Default>Users, those Users had been deleted. Then the customer runs the AD import user rule and it will repopulate the users.
We enabled trace and verbose logging on the logviewer. The logviewer shows message that the users are being deleted when the Active Directory Synchronization schedule is running.
Known issue. The culprit is a cn with a comma in it. Import users with 'special' character in first DN part in AD (for example, CN=Doe, John).
Symantec has acknowledged that the above-mentioned issue is present in the current version of the product mentioned earlier on this article. Symantec is committed to product quality and satisfied customers.
Symantec currently plans to address this issue by including a fix in the next ITMS 7.5 Hotfix: Hotfix 4. Please be sure to refer back to this document periodically as any changes to the status of the issue will be reflected here. A link to the Release Notes will be added to this document when it becomes available. Please note that Symantec reserves the right to remove any fix from the targeted release if it does not pass quality assurance tests. Symantec’s plans are subject to change and any action taken by you based on the above information or your reliance upon the above information is made at your own risk.
The current workaround is to disable the AD Sync schedule.
ITMS 7.5 (with HF1, HF2 or HF3)
Imported Document ID: TECH214561
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe