Never mind. I was mucking up the certificate. Got it fixed.<br><br><div class="gmail_quote">---------- Forwarded message ----------<br>From: <b class="gmail_sendername">Nate Marks</b> <span dir="ltr">&lt;<a href="mailto:npmarks@gmail.com">npmarks@gmail.com</a>&gt;</span><br>
Date: Fri, Dec 21, 2012 at 6:36 AM<br>Subject: user sync works, passsync eludes me<br>To: <a href="mailto:freeipa-users@redhat.com">freeipa-users@redhat.com</a><br><br><br>Here's what the log says:<br><br>LDAP bind error in connect<br>
81: Can't contact LDAP server<br>Can not connect to ldap server in SyncPasswords<br><br><br>I keep changing the passsync config values by re-running the msi with the modify option. I'm not sure if that's the way to do this, but my current options are:<br>
<br>hostname: IPA server FQDN. It seems to resolve fine<br>port number: 636<br>username: (I checked this in LDAP: uid=passsync,cn=sysaccounts,cn=etc,dc=&lt;domain&gt;,dc=&lt;tld&gt;)<br>password: matches the one set in ipa-replica-manage connect --passsync option<br>
certtoken: string copied from the IPA server (/etc/dirsrv/slapd-&lt;MYHOST&gt;/pwdfile.txt)<br>search base: same as win-subtree value<br><br><br>So close, but stuck. Thanks in advance for any help!<span class="HOEnZb"><font color="#888888"><br>
<br>nate<br>
</font></span></div><br>