[Freeipa-users] Windows AD --> LDAP (oneWay)
Rich Megginson
rmeggins at redhat.com
Thu Mar 12 21:59:29 UTC 2015
On 03/12/2015 03:44 PM, Gonzalo Fernandez Ordas wrote:
>
> Thanks very much for the quick reply. And that was exactly the bit I
> never fully understood, till now.
>
> is it known anyway of synchronising the passwords?
No.
> Any recommendations on those regards?
Yes - use Trusts instead of sync.
>
> Thanks
>
>
>
> On 12/03/2015 22:13, Rich Megginson wrote:
>> On 03/12/2015 03:07 PM, Gonzalo Fernandez Ordas wrote:
>>> Hi
>>>
>>> I have successfully setup an AD---> freeipa Model and joining bits
>>> and pieces from 389-ds I have setup a oneWaySinc fromWindows.
>>> The issue I got for the last week is the pasword sync which does not
>>> seem to work at all, it does not matter what I do in the AD server I
>>> never get the passwords being transferred over.
>>> I went through many manual pages, different versions and I do not
>>> have clear if I need to run any ldapmodification at all!
>>> This will be a onewaySync and I do not want the passwords being
>>> replicated BACK to AD, also I read about the "reset" setting and I
>>> am not sure if every single password needs to be reset at all?
>>>
>>> has anybody got any sort of definitive guide or maybe a clear path
>>> to follow?
>>
>> http://www.port389.org/docs/389ds/howto/howto-windowssync.html#configuring-passsync
>>
>>
>> Note that you have to change a password in AD in order for it to be
>> sync'd to freeipa. PassSync will not sync already existing password.s
>>
>>>
>>> Many thanks for all your help
>>>
>>> Gonzalo
>>>
>>
>
More information about the Freeipa-users
mailing list