[Freeipa-users] Winsync agreements, what happens if it breaks?
Rob Crittenden
rcritten at redhat.com
Mon Mar 12 14:04:56 UTC 2012
Steven Jones wrote:
> Hi,
>
> If I have a winsync agreement from AD to IPA, and this does uni-directional password from AD to IPA and for some reason this temporarily breaks, say a network failure.....
winsync doesn't do password changes, passsync does.
> 1) Is there a time limit to -re-establish before it becomes "stale"?
I believe it will try forever.
> 2_ Once the communications is functioning again will the differences catch up? say someone changes their AD password while the winsync was broken.....will it sync later anyway?
winsync uses a pull model so yeah, once the connection is made it will
catch up to any AD changes made and will forward any applicable IPA-side
changes. I believe there is a cap on the either the number of age of
changes that 389-ds replication will store, which I believe is configurable.
I believe the passsync service will retry, I'm not sure how many times,
etc. Rich may know.
rob
More information about the Freeipa-users
mailing list