[Fedora-directory-users] PassSync only working one way

Jeff Gamsby JFGamsby at lbl.gov
Tue Jun 13 22:08:03 UTC 2006 

I thought that I had the PassSync working until I ran into this problem:

Passwords are not synchronized from FDS to AD.  When accounts are added 
to FDS, they do show up in AD ( Although sometimes the cn attribute gets 
base64 encoded ), but I cannot authenticate to AD. When I change 
passwords in the FDS side, they are not changed ( or not sent ) to AD. 
If I change passwords in AD, they are changed in the FDS.

The logs show that something is happening (changed host names and dn's)

[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - agmt="cn=AD" 
(ad:636): No linger to cancel on the connection
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - 
windows_acquire_replica returned success (101)
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - agmt="cn=AD" 
(ad:636): State: ready_to_acquire_replica -> sending_updates
[13/Jun/2006:15:03:41 -0700] - _cl5PositionCursorForReplay (agmt="cn=AD" 
(ad:636)): Consumer RUV:
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - agmt="cn=AD" 
(ad:636): {replicageneration} 448f18ae000000010000
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - agmt="cn=AD" 
(ad:636): {replica 1 ldap://fds:389} 448f18e4000100010000 
448f363d03d400010000 448f363d
[13/Jun/2006:15:03:41 -0700] - _cl5PositionCursorForReplay (agmt="cn=AD" 
(ad:636)): Supplier RUV:
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - agmt="cn=AD" 
(ad:636): {replicageneration} 448f18ae000000010000
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - agmt="cn=AD" 
(ad:636): {replica 1 ldap://fds:389} 448f18e4000100010000 
448f363d03d700010000 448f363d
[13/Jun/2006:15:03:41 -0700] agmt="cn=AD" (ad:636) - session start: 
anchorcsn=448f363d03d400010000
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - changelog program - 
agmt="cn=AD" (ad:636): CSN 448f363d03d400010000 found, position set for 
replay
[13/Jun/2006:15:03:41 -0700] agmt="cn=AD" (ad:636) - load=1 rec=1 
csn=448f363d03d600010000
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - agmt="cn=AD" 
(ad:636): windows_replay_update: Looking at modify operation local 
dn="uid=user,ou=people,dc=server,dc=,dc=" (ours,user,not group)
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - agmt="cn=AD" 
(ad:636): windows_replay_update: Processing modify operation local 
dn="uid=user,ou=people,dc=server,dc=,dc=" remote 
dn="<GUID=16f869dcfdde3d42bcb075fd4a1c7980>"


I'm not sure what is going on, I can talk via SSL from FDS to AD, and 
I'm assuming that the PassSync service is working properly since the 
changes from AD to FDS work.

Any suggestions?

More information about the Fedora-directory-users mailing list