On Fri, 14 Oct 2011, Rob Crittenden wrote:
> Alexander Bokovoy wrote:
> >On Thu, 13 Oct 2011, Rob Crittenden wrote:
> >>Added more detailed information on creating a winsync replica to the
> >>ipa-replica-manage man page.
> >
> >>+Creating a Windows AD Synchronization agreement is similar to creating an 
> >>IPA replication agreement, there are just a couple of extra steps:
> >>+.TP
> >>+1. Transfer the base64\-encoded Windows AD CA Certficate to your IPA Server
> >>+.TP
> >>+2. Remove any existing kerberos credentials
> >>+  # kdestroy
> >>+.TP
> >>+3) Add the winsync replication agreement
> >>+ # ipa\-replica\-manage connect \-\-winsync
> >>\-\-passsync=<bindpwd_for_syncuser_that will_be_used_for_agreement>
> >>\-\-cacert=/path/to/adscacert/WIN\-CA.cer \-\-binddn
> >>"cn=administrator,cn=users,dc=ipa,dc=qe" \-\-bindpw
> >><ads_administrator_password>  \-v<adserver.fqdn>
> >Could you please make DN similar to what is below? There will be
> >confusion:
> 
> Done. I also added a bit about the PassSync user and the AD bind dn.
ACK

-- 
/ Alexander Bokovoy

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to