[Freeipa-users] IPA 2.2 Windows 2008R2 sync

Rob Crittenden rcritten at redhat.com
Wed Aug 8 21:59:01 UTC 2012 

Rich Megginson wrote:
> On 08/03/2012 09:50 AM, Baptiste AGASSE wrote:
>> Hi,
>>
>>>> Hi all,
>>>>
>>>> i've a problem with winsync between ipa 2.2 on centos 6.3 and Active
>>>> directory 2008R2.
>>>>
>>>> I'm following this documentation to enable synchronization:
>>>> http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/Setting_up_Active_Directory.html
>>>>
>>> There is nothing on this page about running certutil? Which link talks
>>> about certutil?
>> Links present in the documentation talk about commands and options for
>> certutil but i don't see anything about this error.
> http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/managing-sync-agmt.html

I agree, I don't think this is necessary either. I'm not sure if this 
originated in the 389-ds docs or we provided Deon (or David) with bad 
information long ago.

rob

>
>
>
> Can one of the IPA developers explain why it is necessary to install the
> IPA CA certificate into the Windows Cert Store in order to get
> Winsync/PassSync working?  I don't believe it is necessary.
>
> For now, just skip steps 1 and 2 under 8.4.1. Trusting the Active
> Directory and IPA CA Certificates
>
>>
>> I a newbie on Microsoft OSes, but  I don't understand why certutil
>> don't find my file.
>>
>> I will ask on a microsoft forum.
>>
>> Regards
>>
>>>> When i run as admin 'certutil -installcert -v -config
>>>> "ipa.foo.example.local\EXAMPLE.LOCAL Domain CA"
>>>> c:\Users\John\Documents\ipa-ca.crt' it returns (translated from
>>>> french) :
>>>>
>>>> CertUtil : -installCert command failure : 0x80070002 (WIN32: 2)
>>>> CertUtil: Specified file not found
>>>>
>>>> someone saw this issue ?
>>>>
>>>> Have a nice day.
>>>>
>>>> Regards.
>>>>
>>>> Baptiste.
>>>>
>>>> _______________________________________________
>>>> Freeipa-users mailing list
>>>> Freeipa-users at redhat.com
>>>> https://www.redhat.com/mailman/listinfo/freeipa-users
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users

More information about the Freeipa-users mailing list