[Freeipa-users] Problems with Passsync

Rich Megginson rmeggins at redhat.com
Fri May 18 14:33:55 UTC 2012 

On 05/17/2012 04:10 PM, Kline, Sara wrote:
>
> I was able to fix the import issue, and found some special SSL things 
> for Server 2008 when you are wanting to run LDAP/SSL. So Pass Sync is 
> no longer stating SSL is may not be setup correctly.
>
> I am running into an issue however. These are the entries in the Pass 
> Sync log file:
>
> PassSync service is running
>
> No entries yet
>

Did you reboot the AD box after installing PassSync?
Have you changed any passwords in AD?

> Ldap bind error in Connect 32: No such object
>

What is the bind DN you used when you configured PassSync on AD?  Does 
that DN correspond to a real user DN in IPA?

> Can not connect to ldap server in SyncPasswords
>
> Thanks,
>
> Sara Kline
>
> *From:*freeipa-users-bounces at redhat.com 
> [mailto:freeipa-users-bounces at redhat.com] *On Behalf Of *Kline, Sara
> *Sent:* Thursday, May 17, 2012 11:06 AM
> *To:* freeipa-users at redhat.com
> *Subject:* [Freeipa-users] Problems with Passsync
>
> Replication is working great. When I create/delete an account on the 
> AD server it shows up in FreeIPA, hoever I can't get Passsync to work. 
> I believe it is working because the last step in the documentation 
> isn't working. When I try to import the certificate, I get this message:
>
> Certutil.exe: "unable to open 
> "C:\Users\Administrator\Documents\ca.crt" for reading (-5950, 2). Any 
> ideas?
>
> Sara Kline
>
> System Administrator
>
> Transaction Network Services, Inc
>
> 4501 Intelco Loop, Lacey WA 98503
>
> Wk: (360) 493-6736
>
> Cell: (360) 280-2495
>
> ------------------------------------------------------------------------
>
> This e-mail message is for the sole use of the intended 
> recipient(s)and may
> contain confidential and privileged information of Transaction Network 
> Services.
> Any unauthorised review, use, disclosure or distribution is 
> prohibited. If you
> are not the intended recipient, please contact the sender by reply 
> e-mail and destroy all copies of the original message.
>
>
> ------------------------------------------------------------------------
> This e-mail message is for the sole use of the intended 
> recipient(s)and may
> contain confidential and privileged information of Transaction Network 
> Services.
> Any unauthorised review, use, disclosure or distribution is 
> prohibited. If you
> are not the intended recipient, please contact the sender by reply 
> e-mail and destroy all copies of the original message.
>
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120518/08958944/attachment.htm>

More information about the Freeipa-users mailing list