On 08/24/2011 11:55 PM, Craig T wrote: > Hi, > > Setup: > Fedora 15 x64 > * 389-admin-1.1.16-1.fc15.x86_64 > * 389-admin-console-1.1.7-2.fc15.noarch > * 389-admin-console-doc-1.1.7-2.fc15.noarch > * 389-adminutil-1.1.13-2.fc15.x86_64 > * 389-console-1.1.4-2.fc15.noarch > * 389-ds-base-1.2.8.3-1.fc15.x86_64 > * 389-ds-base-libs-1.2.8.3-1.fc15.x86_64 > * 389-ds-console-1.2.5-1.fc15.noarch > * 389-ds-console-doc-1.2.5-1.fc15.noarch > > Windows 2008 R2 x64 > * Microsoft Active Directory > * Windows Password Sync v1.1.4 x64 > > I'm just attempting to setup 389 Directory Server password sync to Microsoft > Active Directory. > I have managed to get successfull user account (ldap info) sync without > passwords, it's just the .msi password sync program that I'm having issues > with. > > Error from passsync.log: > 08/25/11 14:46:43: PassSync service initialized > 08/25/11 14:46:43: PassSync service running > 08/25/11 14:46:44: Error initializing SSL: err=-8174 > 08/25/11 14:46:44: Ensure that your SSL is setup correctly > 08/25/11 14:46:58: PassSync service stopped > > > Anyone know how I can add debugging to the windows app? or ideas on what a > -8174 error means? > I thought SSL was setup correctly on the directory server (it certainly > responds to a telnet<port 636>, again debugging on the windows side would be > ideal. passsync always tries to use SSL, even before SSL is properly configured. You have to add the directory server's CA cert to the passsync cert db. See http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/8.2/html-single/Administration_Guide/index.html#Configuring_Windows_Sync-Configure_the_Password_Sync_Service > cya > > Craig > -- > 389 users mailing list > [email protected] > https://admin.fedoraproject.org/mailman/listinfo/389-users
-- 389 users mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/389-users
