On 20/06/11 16:37, Attila Bogár wrote:
I'm trying to set up the AD-FreeIPA sync agreement and I'm always getting this error: # ipa-replica-manage connect --winsync --binddn cn="IPA Sync",cn=Users,dc=win,dc=example,dc=com --bindpw JamesBond007 --cacert /root/dc1.cer --passsync JamesBond007 dc1.win.example.com -v
This is solved now. Directory Manager password was missing from the command line. (-p). admin user's privileges via kerberos are insufficient to set up a replica agreement as I see.
Could you please add this to the documentation example in the docs, I think upcoming users would appreciate this.
http://obriend.fedorapeople.org/freeIPA2.0/Identity_and_Policy_Management_Guide/html-single/#sect-Enterprise_Identity_Management_Guide-Setting_up_Synchronization_Between_IPA_and_Active_Directory-Setting_up_Windows_Sync_on_the_IPA_Server Thanks, Attila
_______________________________________________ Freeipa-users mailing list Freeipaemail@example.com https://www.redhat.com/mailman/listinfo/freeipa-users