Dmitri Pal wrote:
On 10/23/2012 12:47 PM, Simo Sorce wrote:
On Tue, 2012-10-23 at 12:16 -0400, Dmitri Pal wrote:
On 10/23/2012 07:50 AM, George Machitidze wrote:
Hi

I'm testing MS AD integration, following document contents
http://docs.fedoraproject.org/en-US/Fedora/17/html/FreeIPA_Guide/managing-sync-agmt.html

For 8.4.2. (Creating Synchronization Agreements) we've got "--passsync
secretpwd", but nowhere's said if user has to be created on MS AD
side, or if any package has to be installed.
It is implied that this is the password of the administrative user that
you already have on the AD side.
Nope, the password provided with that switch is used to create a special
sysaccount user named 'passsync' in IPA.
the DN of the user is: uid=passsync,cn=sysaccount,cn=etc,$suffix

This user is used by the Windows Passsync plugin installed on AD domain
controllers. So this password is what you need to use when configuring
the Passync plugin together with the above dn template.

Simo.

Then we should update our docs.


https://fedorahosted.org/freeipa/ticket/3208

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to