[Freeipa-devel] [PATCH] 894 add winsync info to ipa-replica-manage man page
Martin Kosek
mkosek at redhat.com
Fri Oct 14 07:07:40 UTC 2011
On Fri, 2011-10-14 at 08:04 +0300, Alexander Bokovoy wrote:
> On Fri, 14 Oct 2011, Rob Crittenden wrote:
> > Alexander Bokovoy wrote:
> > >On Thu, 13 Oct 2011, Rob Crittenden wrote:
> > >>Added more detailed information on creating a winsync replica to the
> > >>ipa-replica-manage man page.
> > >
> > >>+Creating a Windows AD Synchronization agreement is similar to creating an IPA replication agreement, there are just a couple of extra steps:
> > >>+.TP
> > >>+1. Transfer the base64\-encoded Windows AD CA Certficate to your IPA Server
> > >>+.TP
> > >>+2. Remove any existing kerberos credentials
> > >>+ # kdestroy
> > >>+.TP
> > >>+3) Add the winsync replication agreement
> > >>+ # ipa\-replica\-manage connect \-\-winsync
> > >>\-\-passsync=<bindpwd_for_syncuser_that will_be_used_for_agreement>
> > >>\-\-cacert=/path/to/adscacert/WIN\-CA.cer \-\-binddn
> > >>"cn=administrator,cn=users,dc=ipa,dc=qe" \-\-bindpw
> > >><ads_administrator_password> \-v<adserver.fqdn>
> > >Could you please make DN similar to what is below? There will be
> > >confusion:
> >
> > Done. I also added a bit about the PassSync user and the AD bind dn.
> ACK
>
Pushed to master, ipa-2-1.
Martin
More information about the Freeipa-devel
mailing list