Joseph, Matthew (EXP) wrote:

We are currently in the process of replacing our IdM 3.x server with 4.x.

There are going to be some major directory changes during the upgrade so
I need to keep both the old and new IdM servers up and running separately.

Part of our configuration is using the password sync between IdM and
Active Directory.

I can’t find any information on this so I figured I’d ask you guys to
see if anyone has done this before.

Can I have two CA certificates from 2 IdM servers installed on the
Active Directory server? And will this cause any issues with our
password sync?

I'm not sure if you can do this. The CA is probably the least of your problems. I don't believe the AD passsync service can be aware of multiple consumers like this.

Rich may know.


Manage your subscription for the Freeipa-users mailing list:
Go to for more info on the project

Reply via email to