Steven Jones wrote:

If I have a winsync agreement from AD to IPA, and this does uni-directional 
password from AD to IPA and for some reason this temporarily breaks, say a 
network failure.....

winsync doesn't do password changes, passsync does.

1) Is there a time limit to -re-establish before it becomes "stale"?

I believe it will try forever.

2_ Once the communications is functioning again will the differences catch up?  
 say someone changes their AD password while the winsync was broken.....will it 
sync later anyway?

winsync uses a pull model so yeah, once the connection is made it will catch up to any AD changes made and will forward any applicable IPA-side changes. I believe there is a cap on the either the number of age of changes that 389-ds replication will store, which I believe is configurable.

I believe the passsync service will retry, I'm not sure how many times, etc. Rich may know.


Freeipa-users mailing list

Reply via email to