thanks Rich,

when I run that  I get the following:


[r...@idm-master-els.ops.boingo.com ipa]$ 
LDAPTLS_CACERTDIR=/etc/dirsrv/slapd-OPS-BOINGO-COM ldapsearch -xLLLZZ -h 
adc13-els.bwinc.local -D "cn=idmadmin,cn=Users,dc=bwinc,dc=local" -w "XXXXXX" s 
base -b "cn=Users,dc=bwinc,dc=local"
ldap_bind: Invalid credentials (49)
    additional info: 80090308: LdapErr: DSID-0C0903C5, comment: 
AcceptSecurityContext error, data 52e, v2580



________________________________
From: Rich Megginson [rmegg...@redhat.com]
Sent: Wednesday, March 12, 2014 3:30 PM
To: Todd Maugh; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] [freeipa] Issues with Winsync agreement

On 03/12/2014 04:18 PM, Todd Maugh wrote:
Hello.

I'm using latest IPA build on red hat 6.5

I retrieved my CA cert from the AD Domain controller

I try to set up my winsyncagreement and I am getting this



[r...@idm-master-els.ops.boingo.com<mailto:r...@idm-master-els.ops.boingo.com> 
ipa]$ ipa-replica-manage connect --winsync --binddn "cn=idmadmin, cn=Users, 
dc=bwinc, dc=local" --bindpw "XXXXXX" --passsync "XXXXXX" 
--cacert=/etc/openldap/cacerts/ADC13-ELS.CA.cer adc13-els.bwinc.local
Directory Manager password:

Added CA certificate /etc/openldap/cacerts/ADC13-ELS.CA.cer to certificate 
database for idm-master-els.ops.boingo.com
ipa: INFO: Failed to connect to AD server adc13-els.bwinc.local
ipa: INFO: The error was: {'info': '80090308: LdapErr: DSID-0C0903C5, comment: 
AcceptSecurityContext error, data 52e, v2580', 'desc': 'Invalid credentials'}
Failed to setup winsync replication


not sure where to look for the logs for this to see what the invalivd 
credentials are or wether this might still be a cert issue or a log in issue or 
what not?

You can test with ldapsearch like this:

$ LDAPTLS_CACERTDIR=/etc/dirsrv/slapd-DOMAIN-COM ldapsearch -xLLLZZ -h 
adc13-els.bwinc.local -D "cn=idmadmin,cn=Users,dc=bwinc,dc=local" -w "XXXXXX" 
-s base -b "cn=Users,dc=bwinc,dc=local"



Thanks in advance for the help

-Todd





_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com<mailto:Freeipa-users@redhat.com>
https://www.redhat.com/mailman/listinfo/freeipa-users

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to