Steven Jones wrote:
Hi,
If I have a winsync agreement from AD to IPA, and this does uni-directional
password from AD to IPA and for some reason this temporarily breaks, say a
network failure.....
winsync doesn't do password changes, passsync does.
1) Is there a time limit to -re-establish before it becomes "stale"?
I believe it will try forever.
2_ Once the communications is functioning again will the differences catch up?
say someone changes their AD password while the winsync was broken.....will it
sync later anyway?
winsync uses a pull model so yeah, once the connection is made it will
catch up to any AD changes made and will forward any applicable IPA-side
changes. I believe there is a cap on the either the number of age of
changes that 389-ds replication will store, which I believe is configurable.
I believe the passsync service will retry, I'm not sure how many times,
etc. Rich may know.
rob
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users