I am using the below version :


What I want is to integrate AD with FreeIPA so in case of AD failure FreeIPA 
should able to handle the requests( might be temporary  such as cache or 
something like that ).


From: freeipa-users-boun...@redhat.com 
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Dmitri Pal
Sent: 10 February 2015 16:07
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] LDAP Connection error while Integrating AD with 

On 02/10/2015 10:59 AM, Prady Dash wrote:

I am trying to integrate AD with FreeIPA.  I was following the below document.


While configuring am facing the below error.

[root@appserver2 ~]# ipa-replica-manage connect --winsync --binddn 
cn=Administrator,cn=users,dc=abc,dc=local --bindpw XXXXXXX --passsync XXXXXX  
--passsync XXXXXXX --cacert /etc/openldap/certs/abc.cer ad.abc.local -v
Directory Manager password:

Added CA certificate /etc/openldap/certs/ abc.cer to certificate database for 
ipa: INFO: AD Suffix is: DC=abc,DC=local
The user for the Windows PassSync service is 
Windows PassSync entry exists, not resetting password
ipa: INFO: Added new sync agreement, waiting for it to become ready . . .
ipa: INFO: Replication Update in progress: FALSE: status: -11  - LDAP error: 
Connect error: start: 0: end: 0
ipa: INFO: Agreement is ready, starting replication . . .
Starting replication, please wait until this has completed.
[appserver2.abc.com] reports: Update failed! Status: [-11  - LDAP error: 
Connect error]
Failed to start replication

Please suggest.


This is a very old documentation.
Please use the latest documentation on the Red Hat portal.
What IPA version and platform are you using?
Do you really want to sync users? Have you considered a trust? Are you aware of 
that option which is preferred now?


Thank you,

Dmitri Pal

Sr. Engineering Manager IdM portfolio

Red Hat, Inc.
Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project

Reply via email to