[Freeipa-users] LDAP Connection error while Integrating AD with FreeIPA

Dmitri Pal dpal at redhat.com
Tue Feb 10 17:08:33 UTC 2015 

On 02/10/2015 11:21 AM, Prady Dash wrote:
>
> Hi,
>
> I am using the below version :
>
> ipa-server-3.0.0-42.el6.x86_64
>
> What I want is to integrate AD with FreeIPA so in case of AD failure 
> FreeIPA should able to handle the requests( might be temporary  such 
> as cache or something like that ).
>

This is not the use case that would be easy to make work.
So are you planning to configure SSSD on clients to use AD and IPA 
domains in parallel?

> Regards,
>
> /Prady
>
> *From:*freeipa-users-bounces at redhat.com 
> [mailto:freeipa-users-bounces at redhat.com] *On Behalf Of *Dmitri Pal
> *Sent:* 10 February 2015 16:07
> *To:* freeipa-users at redhat.com
> *Subject:* Re: [Freeipa-users] LDAP Connection error while Integrating 
> AD with FreeIPA
>
> On 02/10/2015 10:59 AM, Prady Dash wrote:
>
>     Hi,
>
>     I am trying to integrate AD with FreeIPA.  I was following the
>     below document.
>
>     https://www.freeipa.org/images/2/2b/Installation_and_Deployment_Guide.pdf
>
>     While configuring am facing the below error.
>
>     /[root at appserver2 ~]# ipa-replica-manage connect --winsync
>     --binddn cn=Administrator,cn=users,dc=abc,dc=local --bindpw
>     XXXXXXX --passsync XXXXXX  --passsync XXXXXXX --cacert
>     /etc/openldap/certs/abc.cer ad.abc.local -v/
>
>     /Directory Manager password:/
>
>     //
>
>     /Added CA certificate /etc/openldap/certs/ abc.cer to certificate
>     database for appserver2.qinec.com/
>
>     /ipa: INFO: AD Suffix is: DC=abc,DC=local/
>
>     /The user for the Windows PassSync service is
>     uid=passsync,cn=sysaccounts,cn=etc,dc=xyz,dc=com/
>
>     /Windows PassSync entry exists, not resetting password/
>
>     /ipa: INFO: Added new sync agreement, waiting for it to become
>     ready . . ./
>
>     /ipa: INFO: Replication Update in progress: FALSE: status: -11  -
>     LDAP error: Connect error: start: 0: end: 0/
>
>     /ipa: INFO: Agreement is ready, starting replication . . ./
>
>     /Starting replication, please wait until this has completed./
>
>     /[appserver2.abc.com] reports: Update failed! Status: [-11  - LDAP
>     error: Connect error]/
>
>     /Failed to start replication/
>
>     //
>
>     Please suggest.
>
>     Regards,
>
>     /Prady
>
>
>
> This is a very old documentation.
> Please use the latest documentation on the Red Hat portal.
> What IPA version and platform are you using?
> Do you really want to sync users? Have you considered a trust? Are you 
> aware of that option which is preferred now?
>
>
> -- 
> Thank you,
> Dmitri Pal
>   
> Sr. Engineering Manager IdM portfolio
> Red Hat, Inc.


-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager IdM portfolio
Red Hat, Inc.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150210/7188409c/attachment.htm>

More information about the Freeipa-users mailing list