Hi, I'm trying to setup a FreeIPA and Active Directory synchronisation following Red Hat documentation(https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Windows_Integration_Guide/Setting_up_Active_Directory.html#ad-user-acct).
The ipa-replica-manage command returns a success but no user are imported in FreeIPA: ipa-replica-manage connect --winsync --binddn='cn=ipasync,cn=Users,dc=ipa,dc=local' --bindpw='####' --passsync #### --cacert ipa-a-v Directory Manager password: Added CA certificate ipa-ad.cloud.620nm.net.cer to certificate database for ipa.cloud.620nm.net ipa: INFO: AD Suffix is: DC=ipa,DC=local The user for the Windows PassSync service is uid=passsync,cn=sysaccounts,cn=etc,dc=ipa,dc=cloud,dc=620nm,dc=net Windows PassSync system account exists, not resetting password ipa: INFO: Added new sync agreement, waiting for it to become ready . . . ipa: INFO: Replication Update in progress: FALSE: status: Error (0) Replica acquired successfully: Incremental update started: start: 0: end: 0 ipa: INFO: Agreement is ready, starting replication . . . Starting replication, please wait until this has completed. Update in progress, 2 seconds elapsed Update succeeded The ipasync user has been created with the rights as described in the documentation. In the freeipa logs, I didn't find any error message that could explain that user are not imported. Regards, [cid:image001.gif@01CBF2E5.34FD28F0] Laurent PERRIN Service Infra aux Projets Orange Applications for Business SCE/OAB/DPO/DT/SF/CLOUDS tel. +33 4 37 24 62 85 Mob : 07 84 12 78 79 laurent2.per...@orange.com<mailto:laurent2.per...@orange.com> 139 rue Vendôme 69006 Lyon www.orange-business.com<http://www.orange-business.com/> [cid:image002.gif@01CBF2E5.34FD28F0] _________________________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you.
ad_sync.log
Description: ad_sync.log
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
