[Freeipa-users] Creating password sync

Rich Megginson rmeggins at redhat.com
Tue Feb 4 20:40:29 UTC 2014


On 02/04/2014 01:13 PM, Todd Maugh wrote:
> now I am getting this after rerunning the install and trying to 
> reinstall my cert
>
> LDAP bind error in connect
>    81: Can't Contact LDAP Server

That means
1) ipa ldap server is down
2) some sort of network problem
3) incorrect host/port specified in passsync config
4) host specified in passsync config is not the FQDN, or the FQDN 
doesn't resolve both forward and reverse from the windows box
5) host specified in the passsync config does not match the ipa ldap 
server certificate subject dn
6) incorrect CA cert installed in passsync cert db

>
> ------------------------------------------------------------------------
> *From:* freeipa-users-bounces at redhat.com 
> [freeipa-users-bounces at redhat.com] on behalf of Todd Maugh 
> [tmaugh at boingo.com]
> *Sent:* Tuesday, February 04, 2014 11:56 AM
> *To:* Rich Megginson; dpal at redhat.com
> *Cc:* freeipa-users at redhat.com
> *Subject:* Re: [Freeipa-users] Creating password sync
>
> I'm seeing these errors in the passsync.log
>
> 32: No such object
> 02/03/14 16:23:40: Ldap error in QueryUsername
> 32: No such object
> 02/03/14 16:57:48: Abandoning password change for scottb, backoff expired
> 02/03/14 16:57:48: Ldap bind error in Connect
> 32: No such object
> 02/03/14 16:57:48: Ldap error in QueryUsername
> 32: No such object
> 02/03/14 18:06:04: Abandoning password change for scottb, backoff expired
> 02/03/14 18:06:04: Ldap bind error in Connect
> 32: No such object
> 02/04/14 10:24:59: PassSync service initialized
> 02/04/14 10:24:59: PassSync service running
> 02/04/14 10:25:00: Ldap bind error in Connect
> 32: No such object
> 02/04/14 10:58:37: Ldap bind error in Connect
> 32: No such object
> 02/04/14 10:58:37: PassSync service stopped
> 02/04/14 10:58:38: PassSync service initialized
> 02/04/14 10:58:38: PassSync service running
> 02/04/14 10:58:39: Ldap bind error in Connect
> 32: No such object
>
>
>
> ------------------------------------------------------------------------
> *From:* Rich Megginson [rmeggins at redhat.com]
> *Sent:* Tuesday, February 04, 2014 9:19 AM
> *To:* Todd Maugh; dpal at redhat.com
> *Cc:* freeipa-users at redhat.com
> *Subject:* Re: Creating password sync
>
> On 02/04/2014 10:17 AM, Todd Maugh wrote:
>> also I have verified the password synchronization service is started 
>> and running on the windows 2008 R2 server
>>
>>
>> but I can't tell if or what it is doing because I'm not getting 
>> passwords to my IDM
> http://port389.org/wiki/Howto:WindowsSync#PassSync_Logging
>
> You can also look at the 389 access log to see if you have connections 
> from the windows box.
>
>> ------------------------------------------------------------------------
>> *From:* freeipa-users-bounces at redhat.com 
>> [freeipa-users-bounces at redhat.com] on behalf of Todd Maugh 
>> [tmaugh at boingo.com]
>> *Sent:* Tuesday, February 04, 2014 9:04 AM
>> *To:* Rich Megginson; dpal at redhat.com
>> *Cc:* freeipa-users at redhat.com
>> *Subject:* [Freeipa-users] Creating password sync
>>
>> Ok, So I have my replication agreement set up.
>>
>> and I see accounts coming in to my IDM server from AD
>>
>> I have followed this guide from redhat
>>
>> https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/pass-sync.html
>>
>> to set up my password sync.
>>
>> I get no errors
>>
>> but my passwords are not syncing!
>>
>> Help! the documentation tells of no way to verify or troubleshoot
>>
>>
>> Thank You
>>
>> -Todd Maugh
>> tmaugh at boingo.com
>
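
An added example, not part of the original thread and not PassSync project code: a small parser for passsync.log excerpts in the format quoted above. It pairs each timestamped error event with the LDAP result-code line that follows it, so a change in failure mode (32 versus 81) is easy to spot. The sample log is constructed, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample in the format of the passsync.log excerpt quoted in this thread.
SAMPLE_LOG = """\
32: No such object
02/03/14 16:57:48: Abandoning password change for scottb, backoff expired
02/03/14 16:57:48: Ldap bind error in Connect
32: No such object
02/03/14 16:57:48: Ldap error in QueryUsername
32: No such object
02/04/14 10:24:59: PassSync service initialized
02/04/14 10:24:59: PassSync service running
02/04/14 10:25:00: Ldap bind error in Connect
81: Can't Contact LDAP Server
"""

EVENT = re.compile(r"^(\d\d/\d\d/\d\d \d\d:\d\d:\d\d): (.*)$")
CODE = re.compile(r"^(\d+): (.*)$")
ABANDON = re.compile(r"^Abandoning password change for (\S+),")

def parse_passsync_log(text):
    """Return (errors, abandoned_users, orphan_codes) for a log excerpt."""
    errors, abandoned, orphans = [], [], []
    pending = None  # error event still waiting for its result-code line
    for raw in text.splitlines():
        line = raw.lstrip("> ").strip()  # tolerate mail-quoted excerpts
        m = EVENT.match(line)
        if m:
            ts, msg = m.groups()
            who = ABANDON.match(msg)
            if who:
                abandoned.append(who.group(1))
            pending = (ts, msg) if "error" in msg.lower() else None
            continue
        m = CODE.match(line)
        if m:
            code, detail = int(m.group(1)), m.group(2)
            if pending:
                errors.append({"time": pending[0], "event": pending[1],
                               "code": code, "detail": detail})
            else:
                orphans.append(code)  # excerpt was cut before its event line
            pending = None
    return errors, abandoned, orphans

def summarize(errors):
    """Count occurrences of each (event, LDAP result code) pair."""
    return Counter((e["event"], e["code"]) for e in errors)
```

Comparing the timestamps of entries from `parse_passsync_log` with connections from the Windows box in the 389 access log shows whether the service reached the directory server at all.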
