Resolution
Domain Migration Administrator 7.x
symptom
Error: '[7352] W14369: Failed to add LDAP://servername/CN=userid,OU=OUName,DC=domain to CN=GroupName. RC=80005008. One or more input parameters are invalid'
symptom
Memberships are not properly updated for Global Groups that have been previously migrated.
cause
Prior to DMA 7.2, when groups are migrated at different times, DMA may create the group on a different domain controller and DMA cannot locate the migrated group. To confirm this, you can run the report Migrated Accounts by Path from within that project (Reports / Migration Tasks Performed / Migrated Accounts by Path). In this report, the Target column will state the LDAP path to the migrated object. The name of the domain controller where the account was created, or the name of the target domain, will be stated after LDAP://. Typically when this issue occurs, you will see that the groups that were initially created on a different domain controller from where the current user migration is being written.
fix
This issue was first addressed in DMA 7.1 Hotfix 22291 however a more complete solution was added with DMA 7.1 Hotfix 35418. This particular fix is also included in DMA 7.2.
DMA 7.1 hotfixes can be downloaded from:
https://www.netiq.com/support/dma/hotfixes.asp?version=710The latest product upgrade can be downloaded from:
https://www.netiq.com/support/dma/default.asp