[Freeipa-users] Passsync details missing
Dmitri Pal
dpal at redhat.com
Tue Oct 23 17:13:10 UTC 2012
On 10/23/2012 12:47 PM, Simo Sorce wrote:
> On Tue, 2012-10-23 at 12:16 -0400, Dmitri Pal wrote:
>> On 10/23/2012 07:50 AM, George Machitidze wrote:
>>> Hi
>>>
>>> I'm testing MS AD integration, following document contents
>>> http://docs.fedoraproject.org/en-US/Fedora/17/html/FreeIPA_Guide/managing-sync-agmt.html
>>>
>>> For 8.4.2. (Creating Synchronization Agreements) we've got "--passsync
>>> secretpwd", but nowhere's said if user has to be created on MS AD
>>> side, or if any package has to be installed.
>> It is implied that this is the password of the administrative user that
>> you already have on the AD side.
> Nope, the password provided with that switch is used to create a special
> sysaccount user named 'passsync' in IPA.
> the DN of the user is: uid=passsync,cn=sysaccount,cn=etc,$suffix
>
> This user is used by the Windows Passsync plugin installed on AD domain
> controllers. So this password is what you need to use when configuring
> the Passync plugin together with the above dn template.
>
> Simo.
>
Then we should update our docs.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager for IdM portfolio
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeipa-users
mailing list