[Freeipa-users] Fwd: passync LDAP error in queryusername
Nate Marks
npmarks at gmail.com
Fri Dec 21 15:54:00 UTC 2012
I solved this and I'll share my ignorance just in case it helps someone
else: It wasn't clear to me that passsync needed the search base on the
IPA server rather than the search base for the ad server. *facepalm*
---------- Forwarded message ----------
From: Nate Marks <npmarks at gmail.com>
Date: Fri, Dec 21, 2012 at 9:47 AM
Subject: passync LDAP error in queryusername
To: freeipa-users at redhat.com
32: no such object
deferring password change for newinclude
I'm baffled. I think I made the search base exactly the same as the DN I
found in LDP. Capitalized "OU" and DC. no spaces.
the ad dn for the search base is
'OU=syncinclude,OU=syncroot,DC=testdomain,DC=corp'
it detected the password change for
'CN=newinclude,OU=syncinclude,OU=syncroot,DC=testdomain,DC=corp'
Any tips
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20121221/d2c24aea/attachment.htm>
More information about the Freeipa-users
mailing list