<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <div class="moz-cite-prefix">On 02/04/2014 01:42 PM, Todd Maugh
      wrote:<br>
    </div>
    <blockquote
cite="mid:6FB698E172A95F49BE009B36D56F53E226C8B7@EXCHMB1-ELS.BWINC.local"
      type="cite">
      <meta http-equiv="Content-Type" content="text/html;
        charset=ISO-8859-1">
      <div style="direction: ltr;font-family: Tahoma;color:
        #000000;font-size: 10pt;">I have not changed any passwords in AD
        yet.<br>
      </div>
    </blockquote>
    <br>
    Then passsync will not have sent anything.<br>
    <br>
    <blockquote
cite="mid:6FB698E172A95F49BE009B36D56F53E226C8B7@EXCHMB1-ELS.BWINC.local"
      type="cite">
      <div style="direction: ltr;font-family: Tahoma;color:
        #000000;font-size: 10pt;">
        <br>
        and the users I have in IDM  from AD, their passwords are not
        working<br>
      </div>
    </blockquote>
    <br>
    Right.  This is one of the (many) problems with the passsync
    approach - there currently is no way to populate the initial
    passwords - that is, passsync/IdM cannot copy your passwords over
    from AD to IdM.<br>
    <br>
    <blockquote
cite="mid:6FB698E172A95F49BE009B36D56F53E226C8B7@EXCHMB1-ELS.BWINC.local"
      type="cite">
      <div style="direction: ltr;font-family: Tahoma;color:
        #000000;font-size: 10pt;">
        <br>
        <br>
        <div style="font-family: Times New Roman; color: #000000;
          font-size: 16px">
          <hr tabindex="-1">
          <div style="direction: ltr;" id="divRpF355147"><font
              color="#000000" face="Tahoma" size="2"><b>From:</b> Rich
              Megginson [<a class="moz-txt-link-abbreviated" href="mailto:rmeggins@redhat.com">rmeggins@redhat.com</a>]<br>
              <b>Sent:</b> Tuesday, February 04, 2014 12:40 PM<br>
              <b>To:</b> Todd Maugh; <a class="moz-txt-link-abbreviated" href="mailto:dpal@redhat.com">dpal@redhat.com</a><br>
              <b>Cc:</b> <a class="moz-txt-link-abbreviated" href="mailto:freeipa-users@redhat.com">freeipa-users@redhat.com</a><br>
              <b>Subject:</b> Re: Creating password sync<br>
            </font><br>
          </div>
          <div>
            <div class="moz-cite-prefix">On 02/04/2014 01:20 PM, Todd
              Maugh wrote:<br>
            </div>
            <blockquote type="cite">
              <div style="direction:ltr; font-family:Tahoma;
                color:#000000; font-size:10pt">my passhook.log file is
                empty<br>
              </div>
            </blockquote>
            <br>
            Have you changed any passwords in AD?<br>
            <br>
            <blockquote type="cite">
              <div style="direction:ltr; font-family:Tahoma;
                color:#000000; font-size:10pt">
                <div style="font-family:Times New Roman; color:#000000;
                  font-size:16px">
                  <hr tabindex="-1">
                  <div id="divRpF268312" style="direction:ltr"><font
                      color="#000000" face="Tahoma" size="2"><b>From:</b>
                      <a moz-do-not-send="true"
                        class="moz-txt-link-abbreviated"
                        href="mailto:freeipa-users-bounces@redhat.com"
                        target="_blank">
                        freeipa-users-bounces@redhat.com</a> [<a
                        moz-do-not-send="true"
                        class="moz-txt-link-abbreviated"
                        href="mailto:freeipa-users-bounces@redhat.com"
                        target="_blank">freeipa-users-bounces@redhat.com</a>]
                      on behalf of Todd Maugh [<a moz-do-not-send="true"
                        class="moz-txt-link-abbreviated"
                        href="mailto:tmaugh@boingo.com" target="_blank">tmaugh@boingo.com</a>]<br>
                      <b>Sent:</b> Tuesday, February 04, 2014 11:56 AM<br>
                      <b>To:</b> Rich Megginson; <a
                        moz-do-not-send="true"
                        class="moz-txt-link-abbreviated"
                        href="mailto:dpal@redhat.com" target="_blank">
                        dpal@redhat.com</a><br>
                      <b>Cc:</b> <a moz-do-not-send="true"
                        class="moz-txt-link-abbreviated"
                        href="mailto:freeipa-users@redhat.com"
                        target="_blank">
                        freeipa-users@redhat.com</a><br>
                      <b>Subject:</b> Re: [Freeipa-users] Creating
                      password sync<br>
                    </font><br>
                  </div>
                  <div>
                    <div style="direction:ltr; font-family:Tahoma;
                      color:#000000; font-size:10pt">Im seeing these
                      errors in the passsync.log<br>
                      <br>
                      <span dir="ltr">
                        <div>32: No such object</div>
                        <div>02/03/14 16:23:40: Ldap error in
                          QueryUsername</div>
                        <div>32: No such object</div>
                        <div>02/03/14 16:57:48: Abandoning password
                          change for scottb, backoff expired</div>
                        <div>02/03/14 16:57:48: Ldap bind error in
                          Connect</div>
                        <div>32: No such object</div>
                        <div>02/03/14 16:57:48: Ldap error in
                          QueryUsername</div>
                        <div>32: No such object</div>
                        <div>02/03/14 18:06:04: Abandoning password
                          change for scottb, backoff expired</div>
                        <div>02/03/14 18:06:04: Ldap bind error in
                          Connect</div>
                        <div>32: No such object</div>
                        <div>02/04/14 10:24:59: PassSync service
                          initialized</div>
                        <div>02/04/14 10:24:59: PassSync service running</div>
                        <div>02/04/14 10:25:00: Ldap bind error in
                          Connect</div>
                        <div>32: No such object</div>
                        <div>02/04/14 10:58:37: Ldap bind error in
                          Connect</div>
                        <div>32: No such object</div>
                        <div>02/04/14 10:58:37: PassSync service stopped</div>
                        <div>02/04/14 10:58:38: PassSync service
                          initialized</div>
                        <div>02/04/14 10:58:38: PassSync service running</div>
                        <div>02/04/14 10:58:39: Ldap bind error in
                          Connect</div>
                        <div>32: No such object</div>
                        <div><br>
                          <br>
                        </div>
                      </span><br>
                      <div style="font-family:Times New Roman;
                        color:#000000; font-size:16px">
                        <hr tabindex="-1">
                        <div id="divRpF24542" style="direction:ltr"><font
                            color="#000000" face="Tahoma" size="2"><b>From:</b>
                            Rich Megginson [<a moz-do-not-send="true"
                              class="moz-txt-link-abbreviated"
                              href="mailto:rmeggins@redhat.com"
                              target="_blank">rmeggins@redhat.com</a>]<br>
                            <b>Sent:</b> Tuesday, February 04, 2014 9:19
                            AM<br>
                            <b>To:</b> Todd Maugh; <a
                              moz-do-not-send="true"
                              class="moz-txt-link-abbreviated"
                              href="mailto:dpal@redhat.com"
                              target="_blank">
                              dpal@redhat.com</a><br>
                            <b>Cc:</b> <a moz-do-not-send="true"
                              class="moz-txt-link-abbreviated"
                              href="mailto:freeipa-users@redhat.com"
                              target="_blank">
                              freeipa-users@redhat.com</a><br>
                            <b>Subject:</b> Re: Creating password sync<br>
                          </font><br>
                        </div>
                        <div>
                          <div class="moz-cite-prefix">On 02/04/2014
                            10:17 AM, Todd Maugh wrote:<br>
                          </div>
                          <blockquote type="cite">
                            <style id="owaParaStyle" type="text/css">
<!--
p
        {margin-top:0;
        margin-bottom:0}
p
        {margin-top:0;
        margin-bottom:0}
body
        {direction:ltr;
        font-family:Tahoma;
        color:#000000;
        font-size:10pt}
p
        {margin-top:0;
        margin-bottom:0}
body
        {direction:ltr;
        font-family:Tahoma;
        color:#000000;
        font-size:10pt}
p
        {margin-top:0;
        margin-bottom:0}
-->
BODY {direction: ltr;font-family: Tahoma;color: #000000;font-size: 10pt;}P {margin-top:0;margin-bottom:0;}</style>
                            <div style="direction:ltr;
                              font-family:Tahoma; color:#000000;
                              font-size:10pt">also I have verified the
                              password synchronization service is
                              started and running on the windows 2008 R2
                              server<br>
                              <br>
                              <br>
                              but I cant tell if or what it is doing
                              because iM not getting passwords to my IDM<br>
                            </div>
                          </blockquote>
                          <a moz-do-not-send="true"
                            class="moz-txt-link-freetext"
                            href="http://port389.org/wiki/Howto:WindowsSync#PassSync_Logging"
                            target="_blank">http://port389.org/wiki/Howto:WindowsSync#PassSync_Logging</a><br>
                          <br>
                          You can also look at the 389 access log to see
                          if you have connections from the windows box.<br>
                          <br>
                          <blockquote type="cite">
                            <div style="direction:ltr;
                              font-family:Tahoma; color:#000000;
                              font-size:10pt">
                              <div style="font-family:Times New Roman;
                                color:#000000; font-size:16px">
                                <hr tabindex="-1">
                                <div id="divRpF273180"
                                  style="direction:ltr"><font
                                    color="#000000" face="Tahoma"
                                    size="2"><b>From:</b>
                                    <a moz-do-not-send="true"
                                      class="moz-txt-link-abbreviated"
                                      href="mailto:freeipa-users-bounces@redhat.com"
                                      target="_blank">
                                      freeipa-users-bounces@redhat.com</a>
                                    [<a moz-do-not-send="true"
                                      class="moz-txt-link-abbreviated"
                                      href="mailto:freeipa-users-bounces@redhat.com"
                                      target="_blank">freeipa-users-bounces@redhat.com</a>]
                                    on behalf of Todd Maugh [<a
                                      moz-do-not-send="true"
                                      class="moz-txt-link-abbreviated"
                                      href="mailto:tmaugh@boingo.com"
                                      target="_blank">tmaugh@boingo.com</a>]<br>
                                    <b>Sent:</b> Tuesday, February 04,
                                    2014 9:04 AM<br>
                                    <b>To:</b> Rich Megginson; <a
                                      moz-do-not-send="true"
                                      class="moz-txt-link-abbreviated"
                                      href="mailto:dpal@redhat.com"
                                      target="_blank">
                                      dpal@redhat.com</a><br>
                                    <b>Cc:</b> <a
                                      moz-do-not-send="true"
                                      class="moz-txt-link-abbreviated"
                                      href="mailto:freeipa-users@redhat.com"
                                      target="_blank">
                                      freeipa-users@redhat.com</a><br>
                                    <b>Subject:</b> [Freeipa-users]
                                    Creating password sync<br>
                                  </font><br>
                                </div>
                                <div>
                                  <div style="direction:ltr;
                                    font-family:Tahoma; color:#000000;
                                    font-size:10pt">Ok, So I have my
                                    replication agreement set up.<br>
                                    <br>
                                    and I see accounts coming in to my
                                    IDM server from AD<br>
                                    <br>
                                    I have followed this guide from
                                    redhat <br>
                                    <br>
                                    <a moz-do-not-send="true"
                                      class="moz-txt-link-freetext"
href="https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/pass-sync.html"
                                      target="_blank">https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/pass-sync.html</a><br>
                                    <br>
                                    to set up my password sync. <br>
                                    <br>
                                    I get no errors<br>
                                    <br>
                                    but my passwords are not syncing!<br>
                                    <br>
                                    Help! the documentation tells o fno
                                    way to verify or trouble shoot<br>
                                    <br>
                                    <br>
                                    Thank You<br>
                                    <br>
                                    -Todd Maugh<br>
                                    <a moz-do-not-send="true"
                                      class="moz-txt-link-abbreviated"
                                      href="mailto:tmaugh@boingo.com"
                                      target="_blank">tmaugh@boingo.com</a><br>
                                  </div>
                                </div>
                              </div>
                            </div>
                          </blockquote>
                          <br>
                        </div>
                      </div>
                    </div>
                  </div>
                </div>
              </div>
            </blockquote>
            <br>
          </div>
        </div>
      </div>
    </blockquote>
    <br>
  </body>
</html>