Thank you for your response, Martin!
This restriction is due to the architecture of the in-place network.
This is sadly not something that I can change.
On 09/23/2016 02:26 PM, Martin Babinsky wrote:
On 09/23/2016 01:09 PM, malo wrote:
I am afraid that this is hardcoded in ipa-replica-manage and there is
no way to force the command to use LDAPS connection.
I am currently trying to set up the winsync agreement between my AD and
my FreeIPA servers. The network topology allows me to only connect the
FreeIPA server to the 636 port of AD, using TLS.
It seems that FreeIPA wants to connect to the port 389 using StartTLS
when I run the ipa-replica-manage command to create the winsync
I know that I can modify the parameters of the winsync agreement once it
is established, by modifying the cn=replica,cn=XXXXcom,cn=mapping
But is there a way to specify the port as well as the protocol to use on
the first configuration of the winsync agreement?
Thank you for your help,
Is there any particular reason why incoming connections on AD DC's
port 389 are blocked in your network?