Dirsync: Write: Failed to add objectSid. The destination domain must be in the forest
説明
During a Workflow run to create user and sync SIDHistory, it encountered a Write error below.
Write: Failed to add objectSid of user in source.local using SOURCEDC.source.local to sIDHistory of user in dc=target,dc=local using targetdc.target.local. (The destination domain must be in the forest)
原因
The root forest level was selected for the Target Default OU in the Stage Data task.
対策
Go to Workflow Settings.
Go to Sync Workflow section.
At Stage Data step, click on Select.
Ensure you select one target OU and not the root forest level.
Wrong Configuration:
Right Configuration:
追加情報
If your source Active Directory create objects directly under the Root of the Domain, the workaround would be:
1. Create the objects under an OU in the target domain with the same OU structure as the source.
Example, instead of selecting the Root of the Domain, we can select an OU under the Root, then all source OUs will be created under this OU in the target and retain the source OU structure.
2. You may move the OUs later on once the migration is completed.
