[Fedora-directory-users] Windows Active Directory sync Help!

Rich Megginson rmeggins at redhat.com
Wed Jan 9 17:52:05 UTC 2008


kiran madala wrote:
> As far I understand by reading docs again that the user specified in the Syn agreement and Bind DN should be same and exist on Active directory with Domain Admin privileges.  But I have other issues now.
>
> The DS server is unable to connect to my AD.
What error messages are you getting?  Check the error log.

You can also try using ldapsearch.  Are you using Fedora DS 1.1 or 
1.0.4?  What OS?
> I enabled SSL by copying the same root certificate into AD and also generating a server certificate and opened up ports in firewall. Am I missing something like allowing client Authentication on the AD machine?
>   
You don't need to use cert based client auth.  You can use regular 
username/password auth over TLS/SSL.
> My currents certificates are as follows.
>
> DS has its own server certificate
> AD has its own server  certificate
> ALL 3 servers AS,DS and AD have the same CA root certificate
>
>
>
> ----------------------------------------
>   
>> From: kirankmadala at hotmail.com
>> To: fedora-directory-users at redhat.com
>> Date: Wed, 9 Jan 2008 10:35:00 -0400
>> Subject: [Fedora-directory-users] Windows Active Directory sync Help!
>>
>>
>> Hello,
>>
>> I am trying to sync the DS with AD. Since I am new to AD and DS I have few questions.
>>
>> I want to synchronize only users and groups so Is it necessary to enable SSL on Active Directory and connect to Active directory through SSL?
>>
>> In the replica settings the supplier DN user need to be on both AD and DS with should be a Domain admin of the AD?
>>
>> When trying to synchronize with AD the bind DN (In screen shot) user should be in both AD and DS?
>>
>>
>> I have attached the screen shot of my final DS agreement window. I believe currently it is defined to synchronize users what changes I need to make it synchronize groups aswell.
>>
>> Thanks in advance
>> _________________________________________________________________
>> Exercise your brain! Try Flexicon!
>> http://puzzles.sympatico.msn.ca/chicktionary/index.html?icid=htmlsig
>>     
>
> _________________________________________________________________
> Use fowl language with Chicktionary. Click here to start playing!
> http://puzzles.sympatico.msn.ca/chicktionary/index.html?icid=htmlsig
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>   

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20080109/11df25a7/attachment.bin>


More information about the Fedora-directory-users mailing list