On 03/12/2015 03:44 PM, Gonzalo Fernandez Ordas wrote:
Thanks very much for the quick reply. And that was exactly the bit I
never fully understood, till now.
is it known anyway of synchronising the passwords?
No.
Any recommendations on those regards?
Yes - use Trusts instead of sync.
Thanks
On 12/03/2015 22:13, Rich Megginson wrote:
On 03/12/2015 03:07 PM, Gonzalo Fernandez Ordas wrote:
Hi
I have successfully setup an AD---> freeipa Model and joining bits
and pieces from 389-ds I have setup a oneWaySinc fromWindows.
The issue I got for the last week is the pasword sync which does not
seem to work at all, it does not matter what I do in the AD server I
never get the passwords being transferred over.
I went through many manual pages, different versions and I do not
have clear if I need to run any ldapmodification at all!
This will be a onewaySync and I do not want the passwords being
replicated BACK to AD, also I read about the "reset" setting and I
am not sure if every single password needs to be reset at all?
has anybody got any sort of definitive guide or maybe a clear path
to follow?
http://www.port389.org/docs/389ds/howto/howto-windowssync.html#configuring-passsync
Note that you have to change a password in AD in order for it to be
sync'd to freeipa. PassSync will not sync already existing password.s
Many thanks for all your help
Gonzalo
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
