[Freeipa-users] Creating password sync
Todd Maugh
tmaugh at boingo.com
Tue Feb 4 20:48:03 UTC 2014
but what about the "cant contact LDAP server in the passsync log"
and are you saying I should try to change one of the passwords in AD for it to go to IDM, or vice versa?
thanks
________________________________
From: Rich Megginson [rmeggins at redhat.com]
Sent: Tuesday, February 04, 2014 12:45 PM
To: Todd Maugh; dpal at redhat.com
Cc: freeipa-users at redhat.com
Subject: Re: Creating password sync
On 02/04/2014 01:42 PM, Todd Maugh wrote:
I have not changed any passwords in AD yet.
Then passsync will not have sent anything.
and the users I have in IDM from AD, their passwords are not working
Right. This is one of the (many) problems with the passsync approach - there currently is no way to populate the initial passwords - that is, passsync/IdM cannot copy your passwords over from AD to IdM.
________________________________
From: Rich Megginson [rmeggins at redhat.com<mailto:rmeggins at redhat.com>]
Sent: Tuesday, February 04, 2014 12:40 PM
To: Todd Maugh; dpal at redhat.com<mailto:dpal at redhat.com>
Cc: freeipa-users at redhat.com<mailto:freeipa-users at redhat.com>
Subject: Re: Creating password sync
On 02/04/2014 01:20 PM, Todd Maugh wrote:
my passhook.log file is empty
Have you changed any passwords in AD?
________________________________
From: freeipa-users-bounces at redhat.com<mailto:freeipa-users-bounces at redhat.com> [freeipa-users-bounces at redhat.com<mailto:freeipa-users-bounces at redhat.com>] on behalf of Todd Maugh [tmaugh at boingo.com<mailto:tmaugh at boingo.com>]
Sent: Tuesday, February 04, 2014 11:56 AM
To: Rich Megginson; dpal at redhat.com<mailto:dpal at redhat.com>
Cc: freeipa-users at redhat.com<mailto:freeipa-users at redhat.com>
Subject: Re: [Freeipa-users] Creating password sync
Im seeing these errors in the passsync.log
32: No such object
02/03/14 16:23:40: Ldap error in QueryUsername
32: No such object
02/03/14 16:57:48: Abandoning password change for scottb, backoff expired
02/03/14 16:57:48: Ldap bind error in Connect
32: No such object
02/03/14 16:57:48: Ldap error in QueryUsername
32: No such object
02/03/14 18:06:04: Abandoning password change for scottb, backoff expired
02/03/14 18:06:04: Ldap bind error in Connect
32: No such object
02/04/14 10:24:59: PassSync service initialized
02/04/14 10:24:59: PassSync service running
02/04/14 10:25:00: Ldap bind error in Connect
32: No such object
02/04/14 10:58:37: Ldap bind error in Connect
32: No such object
02/04/14 10:58:37: PassSync service stopped
02/04/14 10:58:38: PassSync service initialized
02/04/14 10:58:38: PassSync service running
02/04/14 10:58:39: Ldap bind error in Connect
32: No such object
________________________________
From: Rich Megginson [rmeggins at redhat.com<mailto:rmeggins at redhat.com>]
Sent: Tuesday, February 04, 2014 9:19 AM
To: Todd Maugh; dpal at redhat.com<mailto:dpal at redhat.com>
Cc: freeipa-users at redhat.com<mailto:freeipa-users at redhat.com>
Subject: Re: Creating password sync
On 02/04/2014 10:17 AM, Todd Maugh wrote:
also I have verified the password synchronization service is started and running on the windows 2008 R2 server
but I cant tell if or what it is doing because iM not getting passwords to my IDM
http://port389.org/wiki/Howto:WindowsSync#PassSync_Logging
You can also look at the 389 access log to see if you have connections from the windows box.
________________________________
From: freeipa-users-bounces at redhat.com<mailto:freeipa-users-bounces at redhat.com> [freeipa-users-bounces at redhat.com<mailto:freeipa-users-bounces at redhat.com>] on behalf of Todd Maugh [tmaugh at boingo.com<mailto:tmaugh at boingo.com>]
Sent: Tuesday, February 04, 2014 9:04 AM
To: Rich Megginson; dpal at redhat.com<mailto:dpal at redhat.com>
Cc: freeipa-users at redhat.com<mailto:freeipa-users at redhat.com>
Subject: [Freeipa-users] Creating password sync
Ok, So I have my replication agreement set up.
and I see accounts coming in to my IDM server from AD
I have followed this guide from redhat
https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/pass-sync.html
to set up my password sync.
I get no errors
but my passwords are not syncing!
Help! the documentation tells o fno way to verify or trouble shoot
Thank You
-Todd Maugh
tmaugh at boingo.com<mailto:tmaugh at boingo.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140204/0d8753cb/attachment.htm>
More information about the Freeipa-users
mailing list