KB Article #101147
LDAP import reports success but fails to create user records
Symptom:
After you configure and run a directory import from an LDAP data source, the preview, the import, and the import log all report success and state that x number of records have been added to the appropriate folder in the directory.
Upon checking that folder, you find that no records were added.
Note: if some users were previously added and are now to be moved, the move will succeed but new adds will fail.
Detailed Information:
LDAP servers can be configured to expose or hide specific fields when communicating with LDAP clients like EMF. If certain required fields are not exposed, the LDAP import will fail.
Resolution:
Make sure your LDAP server is configured to expose the "mail" and "sn" attributes to all LDAP clients. The configuration screen for your LDAP server may show a different name than the internal LDAP attribute name (for example, "last name" for "sn" or "e-mail address" for "mail").
Additional Info:
Note that some LDAP servers (including Exchange and Lotus Notes) can be configured to expose different fields to Anonymous users than to Authenticated users - make sure you have exposed the fields for the appropriate type of user.
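One way to confirm which records are affected is to save the result of the same directory search as LDIF, once as an Anonymous client and once as an Authenticated one, and list the entries where "mail" or "sn" is not returned. The script below is an added example, not part of the original article or of the product; the function names and the sample entries are constructed for illustration.

```python
import base64

REQUIRED = ("mail", "sn")  # attributes the article says must be exposed

def parse_ldif(text):
    """Parse LDIF search output into {dn: {attribute: [values]}}."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines and lines[-1]:
            lines[-1] += raw[1:]              # unfold a wrapped line
        else:
            lines.append(raw)
    entries, dn, attrs = {}, None, None
    for line in lines + [""]:
        if not line.strip():                  # blank line ends an entry
            if dn is not None:
                entries[dn] = attrs
            dn, attrs = None, None
            continue
        name, sep, value = line.partition(":")
        if not sep or line.startswith("#"):
            continue                          # comment or malformed line
        if value.startswith(":"):             # "attr:: <base64>"
            value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
        name = name.split(";")[0].lower()     # drop options such as ";lang-en"
        if name == "dn":
            dn, attrs = value.strip(), {}
        elif attrs is not None:
            attrs.setdefault(name, []).append(value.strip())
    return entries

def missing_required(entries, required=REQUIRED):
    """Return {dn: [required attributes that are absent or empty]}."""
    report = {}
    for dn, attrs in entries.items():
        absent = [a for a in required if not any(attrs.get(a, []))]
        if absent:
            report[dn] = absent
    return report

# Constructed sample: the same search as an anonymous and as an authenticated client.
ANONYMOUS = ("dn: cn=Alice Example,ou=People,dc=example,dc=com\ncn: Alice Example\n\n"
             "dn: cn=Bob Example,ou=People,dc=example,dc=com\ncn: Bob Example\n")
AUTHENTICATED = ("dn: cn=Alice Example,ou=People,dc=example,dc=com\nsn: Example\n"
                 "mail: alice@example.com\n\n"
                 "dn: cn=Bob Example,ou=People,dc=example,dc=com\nsn:: RXhhbXBsZQ==\n")

if __name__ == "__main__":
    for label, ldif in (("anonymous", ANONYMOUS), ("authenticated", AUTHENTICATED)):
        print(label, missing_required(parse_ldif(ldif)))
```

An empty report for the type of user the import binds as means both required attributes are visible to it for every entry in the saved search.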