Harsha_Rachapal
10 years agoLevel 2
Profile Synchronization only syncs few users and groups in CA 10.0
Active Directory Profile Synchronization is set to Automatically synchronize users and groups.
- All groups get synced, LAst synchronized date: Shows latest date (Search whole tree is checked)
- However only few users ~700 gets synced (Sync Date: show today's date and time).
- Total number of users is 10,000.
- Not a big volume and the interval between each sync is 8 hours.
- There are no event errors.
- No errors in DTrace.
- Seems the last time users were synced was Sync Date: 1/17/2014.
- Checked all Firewall rules and AD ports. Looks good and available on CA server.
Any help is greatly appreciated.
So we had to engage Veritas and increase the chunk-size to 50,000. Usually the system will only allow you to increase the size to 10,000. However Veritas allowed us to update the configuration limit through the database which allowed the size to be increased to 50,000. Once this was done, the synchorization was able to sync all profiles. It seems there is an issue with 10.0.4 that it will only synchronize the max-chunk-size in one iteration. If the profiles are more than the chunk-size, the ADSynchronizer will not perform a second iteration to sync the remaining profiles.