On 10/23/2012 12:47 PM, Simo Sorce wrote:
> On Tue, 2012-10-23 at 12:16 -0400, Dmitri Pal wrote:
>> On 10/23/2012 07:50 AM, George Machitidze wrote:
>>> Hi
>>>
>>> I'm testing MS AD integration, following document contents
>>> http://docs.fedoraproject.org/en-US/Fedora/17/html/FreeIPA_Guide/managing-sync-agmt.html
>>>
>>> For 8.4.2. (Creating Synchronization Agreements) we've got "--passsync
>>> secretpwd", but nowhere's said if user has to be created on MS AD
>>> side, or if any package has to be installed.
>> It is implied that this is the password of the administrative user that
>> you already have on the AD side.
> Nope, the password provided with that switch is used to create a special
> sysaccount user named 'passsync' in IPA.
> the DN of the user is: uid=passsync,cn=sysaccount,cn=etc,$suffix
>
> This user is used by the Windows Passsync plugin installed on AD domain
> controllers. So this password is what you need to use when configuring
> the Passync plugin together with the above dn template.
>
> Simo.
>
Then we should update our docs.

-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager for IdM portfolio
Red Hat Inc.


-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/



_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to