[Fedora-directory-users] Windows Sync Errors
Glenn
glenn at mail.txwes.edu
Mon Jan 8 22:31:36 UTC 2007
One more entry is required -- objectclass: ntuser
-Glenn.
---------- Original Message -----------
From: "Glenn" <glenn at mail.txwes.edu>
To: david_list at boreham.org, "General discussion list for the Fedora Directory
server project." <fedora-directory-users at redhat.com>
Sent: Mon, 8 Jan 2007 14:32:07 -0600
Subject: Re: [Fedora-directory-users] Windows Sync Errors
> O.K., I think I have it now. It seems that the DS entry must have
> an "ntUserDomainID" attribute before Windows Sync can write it to
> the AD. Also, the "ntusercreatenewaccount" attribute must have a
> value of true. These attributes and their values can be adjusted in
> the console directory editor under each user's NT User page.
>
> Some attributes and their counterparts in Active Directory are
> mentioned in the Windows Sync manual, but the requirements for
> synchronization are not plainly enumerated. Such a list might make
> a worthwhile addition to a future edition of the manual.
>
> Thanks for your kind responses! -Glenn.
>
> ---------- Original Message -----------
> From: David Boreham <david_list at boreham.org>
> To: "General discussion list for the Fedora Directory server
> project." <fedora-directory-users at redhat.com>
> Sent: Mon, 08 Jan 2007 10:46:26 -0700 Subject: Re: [Fedora-directory-
> users] Windows Sync Errors
>
> > Glenn wrote:
> >
> > >>All you need is to have entries that are 'syncable'. On the FDS side
> > >>this means
> > >>special objectclass and attribute values. On the AD side it only
> > >>means having the entries in the container configured in the sync
> agreement.
> > >>
> > >>
> > >
> > >If I have entries in DS that do not exist in AD, and I "Initiate Full Re-
> > >synchronization", then these entries should be created in AD, correct?
> > >
> > Incorrect. As I said, they need very particular schema to be sync'ed
> >
> > (entries from AD to FDS will be sync'ed even if they only have basic
> > AD schema though). There is a bit of doc on this here :
> > http://www.redhat.com/docs/manuals/dir-
> > server/ag/7.1/sync.html#2859623 The easiest route might be for you
> > to create a test user using the java console
> > (make it an 'nt user') and then copy the object class and attributes
> > from that.
> >
> > --
> > Fedora-directory-users mailing list
> > Fedora-directory-users at redhat.com
> > https://www.redhat.com/mailman/listinfo/fedora-directory-users
> ------- End of Original Message -------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
------- End of Original Message -------
More information about the Fedora-directory-users
mailing list