<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#ffffff" text="#000000">
    Hi Jimmy,<br>
    <br>
    I believe this is the documentation for the old IPA 1 version.
    You'll find the updated guide at the link below. I used this guide
    for configuring IPA <-> AD sync.<br>
    <br>
<a class="moz-txt-link-freetext" href="http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/index.html">http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/index.html</a><br>
    <br>
    <br>
    Regards,<br>
    Siggi<br>
    <br>
    <br>
    On 12/08/2011 10:31 PM, Jimmy wrote:
    <blockquote
cite="mid:CAG8E47QuCj3j8U3w1akAVdjvHYk-_AVQVT1qMyZsK5Pgka92=A@mail.gmail.com"
      type="cite">I had a few weeks away from this configuration and
      finally getting back to it. I'm uncertain of the correct path
      forward. I don't seem to be able to find the documentation on how
      to install the cert into the Passsync NSS database. I have been
      following this document:
      <div>
        <br>
      </div>
      <div><a moz-do-not-send="true"
href="http://freeipa.org/docs/1.2/Installation_Deployment_Guide/en-US/html/chap-Installation_and_Deployment_Guide-Setting_up_Synchronization_Between_IPA_and_Active_Directory.html">http://freeipa.org/docs/1.2/Installation_Deployment_Guide/en-US/html/chap-Installation_and_Deployment_Guide-Setting_up_Synchronization_Between_IPA_and_Active_Directory.html</a><br>
        <br>
        We are attempting to replicate users from an AD instance to
        FreeIPA,</div>
      <div>Thanks- Jimmy</div>
      <div><br>
        <div class="gmail_quote">On Fri, Nov 11, 2011 at 4:55 PM, Rob
          Crittenden <span dir="ltr"><<a moz-do-not-send="true"
              href="mailto:rcritten@redhat.com">rcritten@redhat.com</a>></span>
          wrote:<br>
          <blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt
            0.8ex; border-left: 1px solid rgb(204, 204, 204);
            padding-left: 1ex;">
            <div class="im">Rich Megginson wrote:<br>
              <blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt
                0.8ex; border-left: 1px solid rgb(204, 204, 204);
                padding-left: 1ex;">
                On 11/11/2011 02:23 PM, Jimmy wrote:<br>
                <blockquote class="gmail_quote" style="margin: 0pt 0pt
                  0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204);
                  padding-left: 1ex;">
                  I do have the AD SSL cert installed, but from how I
                  read it, I need to<br>
                  install the cert from the FreeIPA DS into Windows AD
                  certificate store.<br>
                </blockquote>
                Perhaps for something else, but for windows
                sync/passsync, you do not<br>
                need to install the cert from the FreeIPA DS into
                Windows AD certificate<br>
                store.<br>
              </blockquote>
              <br>
            </div>
            Right, you just need to install it in the Passsync NSS
            databsae.<span class="HOEnZb"><font color="#888888"><br>
                <br>
                rob<br>
              </font></span></blockquote>
        </div>
        <br>
      </div>
      <pre wrap="">
<fieldset class="mimeAttachmentHeader"></fieldset>
_______________________________________________
Freeipa-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Freeipa-users@redhat.com">Freeipa-users@redhat.com</a>
<a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/freeipa-users">https://www.redhat.com/mailman/listinfo/freeipa-users</a></pre>
    </blockquote>
    <br>
  </body>
</html>