On Fri, 2011-10-14 at 08:04 +0300, Alexander Bokovoy wrote: > On Fri, 14 Oct 2011, Rob Crittenden wrote: > > Alexander Bokovoy wrote: > > >On Thu, 13 Oct 2011, Rob Crittenden wrote: > > >>Added more detailed information on creating a winsync replica to the > > >>ipa-replica-manage man page. > > > > > >>+Creating a Windows AD Synchronization agreement is similar to creating > > >>an IPA replication agreement, there are just a couple of extra steps: > > >>+.TP > > >>+1. Transfer the base64\-encoded Windows AD CA Certficate to your IPA > > >>Server > > >>+.TP > > >>+2. Remove any existing kerberos credentials > > >>+ # kdestroy > > >>+.TP > > >>+3) Add the winsync replication agreement > > >>+ # ipa\-replica\-manage connect \-\-winsync > > >>\-\-passsync=<bindpwd_for_syncuser_that will_be_used_for_agreement> > > >>\-\-cacert=/path/to/adscacert/WIN\-CA.cer \-\-binddn > > >>"cn=administrator,cn=users,dc=ipa,dc=qe" \-\-bindpw > > >><ads_administrator_password> \-v<adserver.fqdn> > > >Could you please make DN similar to what is below? There will be > > >confusion: > > > > Done. I also added a bit about the PassSync user and the AD bind dn. > ACK >
Pushed to master, ipa-2-1. Martin _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel