[Freeipa-devel] Please review: Bug 459729 - Windows sync support in IPA - setup and configuration
Rich Megginson
rmeggins at redhat.com
Thu Sep 11 17:17:57 UTC 2008
https://bugzilla.redhat.com/show_bug.cgi?id=459729
Resolves: bug 459729
Bug Description: Windows sync support in IPA- setup and configuration
Reviewed by: ???
Files: see diff
Branch: HEAD
Fix Description: This patch adds support for Windows Sync and the IPA
Winsync plugin
ipa-server-install and ipa-replica-manage
The only change to server install is to just add the ipa winsync plugin
config entry.
A Windows Sync agreement is added via ipa-replica-manage add. I had to add
additional flags to make it work:
--port=PORT port number of other server
--binddn=BINDDN Bind DN to use with remote server
--bindpw=BINDPW Password for Bind DN to use with remote server
--winsync This is a Windows Sync Agreement
--cacert=CACERT Full path and filename of CA certificate to use with
TLS/SSL to the remote server
The tricky part is installing the Windows CA cert. I had to add support
to shutdown the ds, install the ca cert in the ds cert db, and restart
the ds, before adding the sync agreement. The rest was pretty easy,
since replication agreements are almost like sync agreements.
Platforms tested: Fedora 9
Flag Day: no
Doc impact: no
https://bugzilla.redhat.com/attachment.cgi?id=316460&action=diff
More information about the Freeipa-devel
mailing list