<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Hi Jimmy,<br>
<br>
I believe this is the documentation for the old IPA 1 version.
You'll find the updated guide at the link below. I used this guide
for configuring IPA <-> AD sync.<br>
<br>
<a class="moz-txt-link-freetext" href="http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/index.html">http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/index.html</a><br>
<br>
<br>
Regards,<br>
Siggi<br>
<br>
<br>
On 12/08/2011 10:31 PM, Jimmy wrote:
<blockquote
cite="mid:CAG8E47QuCj3j8U3w1akAVdjvHYk-_AVQVT1qMyZsK5Pgka92=A@mail.gmail.com"
type="cite">I had a few weeks away from this configuration and
finally getting back to it. I'm uncertain of the correct path
forward. I don't seem to be able to find the documentation on how
to install the cert into the Passsync NSS database. I have been
following this document:
<div>
<br>
</div>
<div><a moz-do-not-send="true"
href="http://freeipa.org/docs/1.2/Installation_Deployment_Guide/en-US/html/chap-Installation_and_Deployment_Guide-Setting_up_Synchronization_Between_IPA_and_Active_Directory.html">http://freeipa.org/docs/1.2/Installation_Deployment_Guide/en-US/html/chap-Installation_and_Deployment_Guide-Setting_up_Synchronization_Between_IPA_and_Active_Directory.html</a><br>
<br>
We are attempting to replicate users from an AD instance to
FreeIPA,</div>
<div>Thanks- Jimmy</div>
<div><br>
<div class="gmail_quote">On Fri, Nov 11, 2011 at 4:55 PM, Rob
Crittenden <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:rcritten@redhat.com">rcritten@redhat.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt
0.8ex; border-left: 1px solid rgb(204, 204, 204);
padding-left: 1ex;">
<div class="im">Rich Megginson wrote:<br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt
0.8ex; border-left: 1px solid rgb(204, 204, 204);
padding-left: 1ex;">
On 11/11/2011 02:23 PM, Jimmy wrote:<br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt
0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204);
padding-left: 1ex;">
I do have the AD SSL cert installed, but from how I
read it, I need to<br>
install the cert from the FreeIPA DS into Windows AD
certificate store.<br>
</blockquote>
Perhaps for something else, but for windows
sync/passsync, you do not<br>
need to install the cert from the FreeIPA DS into
Windows AD certificate<br>
store.<br>
</blockquote>
<br>
</div>
Right, you just need to install it in the Passsync NSS
databsae.<span class="HOEnZb"><font color="#888888"><br>
<br>
rob<br>
</font></span></blockquote>
</div>
<br>
</div>
<pre wrap="">
<fieldset class="mimeAttachmentHeader"></fieldset>
_______________________________________________
Freeipa-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Freeipa-users@redhat.com">Freeipa-users@redhat.com</a>
<a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/freeipa-users">https://www.redhat.com/mailman/listinfo/freeipa-users</a></pre>
</blockquote>
<br>
</body>
</html>