Hello, I imagine this is a common issue/question when trying to implement the password sync between AD and IPA.
We have two Windows 2003 domain controllers (for redundancy) so when a user issues a password change on the Windows side there is no primary domain controller that it will always use for password changes. So right now IPA is only getting 50% of the Password changes that are done through Windows due to password changes going through both domain controllers. Looking through the documentation IPA will only allow a password sync agreement between 1 AD and 1 IPA server. Is there a solution for this issue? How are people getting around this? Thanks, Matt
_______________________________________________ Freeipa-users mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-users