[Freeipa-users] Fwd: passync LDAP error in queryusername
Dmitri Pal
dpal at redhat.com
Fri Dec 21 22:31:05 UTC 2012
On 12/21/2012 10:54 AM, Nate Marks wrote:
> I solved this and I'll share my ignorance just in case it helps
> someone else: It wasn't clear to me that passsync needed the search
> base on the IPA server rather than the search base for the ad server.
> *facepalm*
>
May be we can make the docs clear.
Can you point to the place that confused you?
> ---------- Forwarded message ----------
> From: *Nate Marks* <npmarks at gmail.com <mailto:npmarks at gmail.com>>
> Date: Fri, Dec 21, 2012 at 9:47 AM
> Subject: passync LDAP error in queryusername
> To: freeipa-users at redhat.com <mailto:freeipa-users at redhat.com>
>
>
> 32: no such object
> deferring password change for newinclude
>
>
> I'm baffled. I think I made the search base exactly the same as the
> DN I found in LDP. Capitalized "OU" and DC. no spaces.
>
> the ad dn for the search base is
> 'OU=syncinclude,OU=syncroot,DC=testdomain,DC=corp'
>
> it detected the password change for
> 'CN=newinclude,OU=syncinclude,OU=syncroot,DC=testdomain,DC=corp'
>
> Any tips
>
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
--
Thank you,
Dmitri Pal
Sr. Engineering Manager for IdM portfolio
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20121221/a3eeca80/attachment.htm>
More information about the Freeipa-users
mailing list