<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Colonna MT";
panose-1:4 2 8 5 6 2 2 3 2 3;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal">Hey all,<o:p></o:p></p>
<p class="MsoNormal">FreeIPA has been very simple to setup so far, I have been able to follow along with the documentation every step of the way. I am running into an issue however when trying to set up replication between the Red Hat 6.2 server running FreeIPA
and the Win 2008 R2 server running Active Directory. I created the replication user like the instructions say and gave it the necessary permissions, however when I try to set up the agreement, it tells me I am using invalid credentials. I am unsure of what
I should do at this point? SSL Certs are installed on both and trusted on both, the servers are connected and both are synced to the same time source. Can anyone think of anything else?<o:p></o:p></p>
<p class="MsoNormal">I am using the command as follows:<o:p></o:p></p>
<p class="MsoNormal">Ipa-replica-manage connect –winsync<o:p></o:p></p>
<p class="MsoNormal">--binddn cn=freeipa,cn=users,dc=prod,dc=example,dc=com<o:p></o:p></p>
<p class="MsoNormal">--bindpw mypassword<o:p></o:p></p>
<p class="MsoNormal">--passsync mypassword<o:p></o:p></p>
<p class="MsoNormal">--cacert /etc/openldap/cacerts/winadcert.cer<o:p></o:p></p>
<p class="MsoNormal">oly-infra-ldap2.prod.example.com<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span style="font-size:14.0pt;font-family:"Colonna MT"">Sara Kline<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:14.0pt;font-family:"Colonna MT"">System Administrator<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:14.0pt;font-family:"Colonna MT"">Transaction Network Services, Inc<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:14.0pt;font-family:"Colonna MT"">4501 Intelco Loop, Lacey WA 98503<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:14.0pt;font-family:"Colonna MT"">Wk: (360) 493-6736<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:14.0pt;font-family:"Colonna MT"">Cell: (360) 280-2495<o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<br>
<hr>
<font face="Arial" color="Gray" size="1">This e-mail message is for the sole use of the intended recipient(s)and may<br>
contain confidential and privileged information of Transaction Network Services.<br>
Any unauthorised review, use, disclosure or distribution is prohibited. If you<br>
are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.<br>
<br>
</font>
</body>
</html>