Hello ALL.
In our organization it became necessary to:
- replicate all user accounts from AD to FreeIPA preserving user
passwords (the passwords will appear in FreeIPA when changing these in
AD using WinSync)
- unbind the part of the migrated accounts from synchronization
- remove
Sorry for the noise, I did some backtracking in the mailing list
archives and found a conversation from December 2015 regarding the same
issue with a nice bugzilla attached
https://bugzilla.redhat.com/show_bug.cgi?id=1287092, I'll try to work
around the issue with group nesting.
/andreas
On
Hello,
I've got a pretty strange problem with FreeIPA 4.2.0-15.el7 running on a
rhel 7.2 and wondering if anyone can shed some light on it. I've setup a
winsync agreement and it seems to be working fine, stuff gets synced
from the AD to IPA. I've also got the PassSync application installed on
On Tue, 27 Oct 2015, Tomas Babej wrote:
On 10/27/2015 05:51 PM, Srdjan Dutina wrote:
Hi!
Hello Srdjan,
Is syncing (winsync) users and passwords from MS Active Directory
deprecated in FreeIPA 4.x?
If not, is there some documentation on how to use it?
Winsync synchronization is not
Hi!
Is syncing (winsync) users and passwords from MS Active Directory
deprecated in FreeIPA 4.x?
If not, is there some documentation on how to use it?
Additionaly, when using FreeIPA - AD trust, is it possible for user from
trusted domain to log on to FreeIPA web UI?
Thanks!
--
Manage your
On 10/27/2015 05:51 PM, Srdjan Dutina wrote:
> Hi!
>
Hello Srdjan,
> Is syncing (winsync) users and passwords from MS Active Directory
> deprecated in FreeIPA 4.x?
> If not, is there some documentation on how to use it?
>
Winsync synchronization is not deprecated as of now, but we are
Hi Aleksander and Tomas, thanks for quick responses!
I find trust-based solution more advanced but also more complicated - two
sites, one with FreeIPA and other with AD domain, limited communication
from FreeIPA to AD site, FreeIPA not aware of AD sites, questionable use of
RODCs and Kerberos
Steven Jones wrote:
==
[vuwunicoipam002.ods.vuw.ac.nz] reports: Update failed! Status: [-1 Total
update abortedLDAP error: Can't contact LDAP server]
Failed to start replication
==
Any ideas why please? it looked like it transferred about 1900 odd records
then bombed out.
It sort
,
Level 8 Rankin Brown Building,
Wellington, NZ
6012
0064 4 463 6272
From: Rob Crittenden rcrit...@redhat.com
Sent: Tuesday, 6 May 2014 1:57 a.m.
To: Steven Jones; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync failure
Steven Jones wrote
==
[vuwunicoipam002.ods.vuw.ac.nz] reports: Update failed! Status: [-1 Total
update abortedLDAP error: Can't contact LDAP server]
Failed to start replication
==
Any ideas why please? it looked like it transferred about 1900 odd records
then bombed out.
regards
Steven Jones
good morning, every day it's something new.
so turns out my AD admin has built ad with user accounts spread out over
multiple subtrees' and I need to handle them all.
is there a way to sync everything under dc=bwinc,dc=local. instead of doing
cn=users,dc=bwinc,dc=local
does this make sense?
...@redhat.com [freeipa-users-boun...@redhat.com] on
behalf of Todd Maugh [tma...@boingo.com]
Sent: Friday, March 14, 2014 10:13 AM
To: freeipa-users@redhat.com
Subject: [Freeipa-users] winsync agreement for multiple subtrees
good morning, every day it's something new.
so turns out my AD admin has built
] on
behalf of Todd Maugh [tma...@boingo.com]
Sent: Friday, March 14, 2014 10:13 AM
To: freeipa-users@redhat.com
Subject: [Freeipa-users] winsync agreement for multiple subtrees
good morning, every day it's something new.
so turns out my AD admin has built ad with user accounts spread out over
-users-boun...@redhat.com] on
behalf of Todd Maugh [tma...@boingo.com]
Sent: Friday, March 14, 2014 10:13 AM
To: freeipa-users@redhat.com
Subject: [Freeipa-users] winsync agreement for multiple subtrees
good morning, every day it's something new.
so turns out my AD admin has built ad
it.
From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on
behalf of Todd Maugh [tma...@boingo.com]
Sent: Friday, March 14, 2014 10:13 AM
To: freeipa-users@redhat.com
Subject: [Freeipa-users] winsync agreement for multiple subtrees
good morning, every day it's
On 02/27/2014 11:11 PM, Alexander Bokovoy wrote:
On Thu, 27 Feb 2014, Michal Zacek wrote:
Hi,
I have successfully completed agreement between Windows and IPA and it
works. When I create user in Windows, it's synchronized to IPA and when I
change something on IPA for this user, it's
Hi,
I have successfully completed agreement between Windows and IPA and it
works. When I create user in Windows, it's synchronized to IPA and when
I change something on IPA for this user, it's synchronized back to
Windows, but when I create *new* user in IPA it's not synchronized
On 02/27/2014 05:01 PM, Michal Zacek wrote:
Hi,
I have successfully completed agreement between Windows and IPA and it
works. When I create user in Windows, it's synchronized to IPA and
when I change something on IPA for this user, it's synchronized back
to Windows, but when I create
On Thu, 27 Feb 2014, Michal Zacek wrote:
Hi,
I have successfully completed agreement between Windows and IPA and
it works. When I create user in Windows, it's synchronized to IPA
and when I change something on IPA for this user, it's synchronized
back to Windows, but when I create *new*
Hi,
I have configured my IPA server to do a UNI sync fromWindows.
When i change some attribute on a synced user in IPA, for example the
initials attribute, my understanding from the manuals is that when the next
sync operation occurs my changes should be owerwritten? however it does
not? can
On 11/11/2013 03:42 PM, gflwqs gflwqs wrote:
Hi,
I have configured my IPA server to do a UNI sync fromWindows.
When i change some attribute on a synced user in IPA, for example the
initials attribute, my understanding from the manuals is that when the
next sync operation occurs my changes
Hello,
I'm currently in the processing of installing/configuring IPA 2.2.0-16 on a
Red Hat 6.4 Server and I'm running into some issues trying to get IPA to
replicate to a Windows 2003 SP2 DC.
Here is the steps I took (I used the Red Hat Identity Management Guide)
1) Create idmpasssync
On 03/21/2013 12:37 PM, Joseph, Matthew (EXP) wrote:
Hello,
I'm currently in the processing of installing/configuring IPA 2.2.0-16
on a Red Hat 6.4 Server and I'm running into some issues trying to
get IPA to replicate to a Windows 2003 SP2 DC.
Here is the steps I took (I used the Red Hat
.
To: Rich Megginson
Cc: Steven Jones; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
Rich Megginson wrote:
On 09/25/2012 03:34 PM, Steven Jones wrote:
Hi,
I have set the filter size as 2 for the user and it makes no
difference.
Where did you set
On 09/26/2012 03:17 PM, Steven Jones wrote:
Is this expected?
Ticket #2324 AD Users synced to IPA server are not added to ipausers group
https://fedorahosted.org/freeipa/ticket/2324
By existing users do you mean existing users in IPA? Are these users
synced with entries in AD?
regards
[steven.jo...@vuw.ac.nz]
Sent: Thursday, 27 September 2012 3:57 p.m.
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
Hi,
Unable to get this to work on win2k3r2 even with enterprise admin permissions.
What I have found is this which Im about to try,
1. Use
Megginson [rmegg...@redhat.com]
Sent: Friday, 28 September 2012 4:08 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement transferred users not going into
ipausers and existing users dropped from all their groups
On 09/26/2012 03:17 PM, Steven Jones
-users] winsync agreement transferred users not going into
ipausers and existing users dropped from all their groups
On 09/26/2012 03:17 PM, Steven Jones wrote:
Is this expected?
Ticket #2324 AD Users synced to IPA server are not added to ipausers group
https://fedorahosted.org/freeipa/ticket/2324
On Wed, Sep 26, 2012 at 5:46 AM, Rob Crittenden rcrit...@redhat.com wrote:
Steven Jones wrote:
Hi,
I dont have a ldapmodify command for changing something in AD.
I have increased the only scope I/we know about which is the return of
objects from a search inside the AD gui but that might
Is this expected?
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
: Natxo Asenjo [natxo.ase...@gmail.com]
Sent: Thursday, 27 September 2012 2:04 a.m.
To: Rob Crittenden
Cc: Steven Jones; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
On Wed, Sep 26, 2012 at 5:46 AM, Rob Crittenden rcrit...@redhat.com wrote:
Steven Jones wrote
[freeipa-users-boun...@redhat.com] on
behalf of Steven Jones [steven.jo...@vuw.ac.nz]
Sent: Tuesday, 25 September 2012 3:17 p.m.
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
Hi,
I am trying to run this and getting search exceeded.
ldapsearch -xLLL
0064 4 463 6272
From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on
behalf of Dmitri Pal [d...@redhat.com]
Sent: Wednesday, 26 September 2012 7:39 a.m.
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement
: Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/24/2012 11:49 PM, Steven Jones wrote:
Hi,
Im confused here, has no one tried to winsync 2000+ users before?
Are there any docs on working around this limit?
Ive up'd the user to 2 but that seems to have had no effectmy AD ppl
Rich Megginson wrote:
On 09/25/2012 03:34 PM, Steven Jones wrote:
Hi,
I have set the filter size as 2 for the user and it makes no
difference.
Where did you set this? In IPA? In AD? If so, where? How?
What does filter size mean? To me, it means the size of an LDAP
search filter in an
@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
Rich Megginson wrote:
On 09/25/2012 03:34 PM, Steven Jones wrote:
Hi,
I have set the filter size as 2 for the user and it makes no
difference.
Where did you set this? In IPA? In AD? If so, where? How?
What does filter
463 6272
From: Rob Crittenden [rcrit...@redhat.com]
Sent: Wednesday, 26 September 2012 1:31 p.m.
To: Rich Megginson
Cc: Steven Jones; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
Rich Megginson wrote:
On 09/25
...@redhat.com]
Sent: Saturday, 22 September 2012 3:46 a.m.
To: d...@redhat.com
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/21/2012 09:18 AM, Dmitri Pal wrote:
On 09/21/2012 11:07 AM, Rich Megginson wrote:
On 09/21/2012 09:04 AM, Dmitri Pal wrote:
On 09
-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
Hi,
I am trying to run this and getting search exceeded.
ldapsearch -xLLL -D winsync_binddn -w passwd -h AD_host -s sub -b
OU=VUW_Staff,DC=staff,DC=vuw,DC=ac,DC=nz cn=* dn ad.dns.txt
Looks like I have 5900 AD users
] on
behalf of Rich Megginson [rmegg...@redhat.com]
Sent: Saturday, 22 September 2012 3:46 a.m.
To: d...@redhat.com
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/21/2012 09:18 AM, Dmitri Pal wrote:
On 09/21/2012 11:07 AM, Rich Megginson wrote:
On 09
---
*From:* Rich Megginson [rmegg...@redhat.com]
*Sent:* Friday, 21 September 2012 11:38 a.m.
*To:* Steven Jones
*Cc:* freeipa-users@redhat.com
*Subject:* Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/20/2012 03:52 PM, Steven Jones wrote
---
*From:* Rich Megginson [rmegg...@redhat.com]
*Sent:* Friday, 21 September 2012 11:38 a.m.
*To:* Steven Jones
*Cc:* freeipa-users@redhat.com
*Subject:* Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/20/2012 03:52 PM, Steven Jones wrote:
Hi,
I have imported
.
*To:* Steven Jones
*Cc:* freeipa-users@redhat.com
*Subject:* Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/20/2012 03:52 PM, Steven Jones wrote:
Hi,
I have imported users, but there are 5700 of them but I only have
2000 which
corresponds to the view that AD gives you by default
...@redhat.com]
*Sent:* Friday, 21 September 2012 11:38 a.m.
*To:* Steven Jones
*Cc:* freeipa-users@redhat.com
*Subject:* Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/20/2012 03:52 PM, Steven Jones wrote:
Hi,
I have imported users, but there are 5700 of them but I only have
2000 which
I have hundreds of disable users in IPA now transferred from AD, is there a
quick/clean way to purge them from IPA?
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
___
Freeipa-users
-users-boun...@redhat.com
[freeipa-users-boun...@redhat.com] on behalf of Steven Jones
[steven.jo...@vuw.ac.nz]
*Sent:* Thursday, 20 September 2012 2:48 p.m.
*Cc:* freeipa-users@redhat.com
*Subject:* Re: [Freeipa-users] winsync agreement wipes IPA users
it isnt,
Im doing a OU=VUW_Staff instead
-users-boun...@redhat.com
[freeipa-users-boun...@redhat.com] on behalf of Steven Jones
[steven.jo...@vuw.ac.nz]
*Sent:* Thursday, 20 September 2012 2:48 p.m.
*Cc:* freeipa-users@redhat.com
*Subject:* Re: [Freeipa-users] winsync agreement wipes IPA users
it isnt,
Im doing a OU=VUW_Staff instead
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
I have hundreds of disable users in IPA now transferred from AD, is there a
quick/clean way to purge them from IPA?
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
6272
From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on
behalf of Dmitri Pal [d...@redhat.com]
Sent: Friday, 21 September 2012 8:56 a.m.
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/20
University, Wellington, NZ
0064 4 463 6272
From: Rich Megginson [rmegg...@redhat.com]
Sent: Friday, 21 September 2012 8:53 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/20/2012 02:43 PM
*From:* freeipa-users-boun...@redhat.com
[freeipa-users-boun...@redhat.com] on behalf of Steven Jones
[steven.jo...@vuw.ac.nz]
*Sent:* Friday, 21 September 2012 8:44 a.m.
*Cc:* freeipa-users@redhat.com
*Subject:* Re: [Freeipa-users] winsync agreement wipes IPA users
I have hundreds of disable
: Friday, 21 September 2012 11:38 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/20/2012 03:52 PM, Steven Jones wrote:
Hi,
I have imported users, but there are 5700 of them but I only have 2000 which
corresponds to the view
: [Freeipa-users] winsync agreement wipes IPA users
On 09/17/2012 07:10 PM, Steven Jones wrote:
Hi,
I understand that I'll lose users that are cn=Staff_Admins,dc=etc
So the Q is why I am losing users in the --win-subtree
cn=VUW_Staff,dc= etc
This I dont understand
I have the -v already
From: Rich Megginson [rmegg...@redhat.com]
Sent: Thursday, 20 September 2012 11:03 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/19/2012 04:55 PM, Steven Jones wrote:
Hi,
Sample of errors log
: Thursday, 20 September 2012 11:03 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/19/2012 04:55 PM, Steven Jones wrote:
Hi,
Sample of errors log,
=
[17/Sep/2012:13:31:48 +1200] NSMMReplicationPlugin - changelog
University, Wellington, NZ
0064 4 463 6272
*From:* Rich Megginson [rmegg...@redhat.com]
*Sent:* Tuesday, 18 September 2012 12:47 p.m.
*To:* Steven Jones
*Cc:* freeipa-users@redhat.com
*Subject:* Re: [Freeipa-users] winsync
On 09/17/2012 04:55 PM, Steven Jones wrote:
In section 8.4.5 it talks about making an agreement one way...which is
mostly what I want, so everything incl password changes from AD to
IPA. except I want account disabled / enabled to flow both ways.
So if I do a
ldapmodify -x -D cn=directory
From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on
behalf of Dmitri Pal [d...@redhat.com]
Sent: Tuesday, 18 September 2012 9:22 a.m.
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreements, mostly one way.
On 09/17/2012 04:55 PM, Steven
-users-boun...@redhat.com
[freeipa-users-boun...@redhat.com] on behalf of Dmitri Pal
[d...@redhat.com]
*Sent:* Tuesday, 18 September 2012 9:22 a.m.
*To:* freeipa-users@redhat.com
*Subject:* Re: [Freeipa-users] winsync agreements, mostly one way.
On 09/17/2012 04:55 PM, Steven Jones wrote
Megginson [rmegg...@redhat.com]
Sent: Tuesday, 18 September 2012 9:43 a.m.
To: Steven Jones
Cc: d...@redhat.com; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreements, mostly one way.
On 09/17/2012 03:34 PM, Steven Jones wrote:
Hi,
Im confused as section 8.4.5 page 182 first para
Hi,
I just tried to do a winsync agreement with specifying the AD point as
cn=VUW_Staff,dc=staff,dc=vuw,dc=vuw,dc=ac,dc=nz as my users are not in the
users folder but the VUW_Staff folder (at the same level) and it wiped all IPA
users that are also in AD. While doing the actual update does
On 09/17/2012 04:17 PM, Steven Jones wrote:
Hi,
I just tried to do a winsync agreement with specifying the AD point as
cn=VUW_Staff,dc=staff,dc=vuw,dc=vuw,dc=ac,dc=nz as my users are not
in the users folder but the VUW_Staff folder (at the same level) and
it wiped all IPA users that are
2012 11:37 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/17/2012 04:17 PM, Steven Jones wrote:
Hi,
I just tried to do a winsync agreement with specifying the AD point as
cn=VUW_Staff,dc=staff,dc=vuw,dc=vuw,dc=ac,dc=nz
.
*To:* Steven Jones
*Cc:* freeipa-users@redhat.com
*Subject:* Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/17/2012 04:17 PM, Steven Jones wrote:
Hi,
I just tried to do a winsync agreement with specifying the AD point
as cn=VUW_Staff,dc=staff,dc=vuw,dc=vuw,dc=ac,dc=nz as my users
Victoria University, Wellington, NZ
0064 4 463 6272
From: Rich Megginson [rmegg...@redhat.com]
Sent: Tuesday, 18 September 2012 12:47 p.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement wipes IPA users
On 09/17/2012 06:17 PM
On 09/13/2012 08:10 PM, Steven Jones wrote:
=
Are there corresponding users in IPA where the IPA uid is the same as
the AD samaccountname of a user in the admin subtree?
=
I think the answer to that is yes.
admin-steven in IPA also exists in AD as admin-steven. So if I had set
On 09/14/2012 09:20 AM, Dmitri Pal wrote:
On 09/13/2012 08:10 PM, Steven Jones wrote:
=
Are there corresponding users in IPA where the IPA uid is the same as
the AD samaccountname of a user in the admin subtree?
=
I think the answer to that is yes.
admin-steven in IPA also exists in
Steven Jones wrote:
I just setup a winsync agreement expect its wiped any IPA user that also
exists in AD.
Is this expected? if so how do I stop it doing that?
The 389-ds winsync plugin is deleting entries that appear to be out of
scope,
https://fedorahosted.org/freeipa/ticket/2927
rob
Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
From: Rob Crittenden [rcrit...@redhat.com]
Sent: Friday, 14 September 2012 12:30 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement
Megginson [rmegg...@redhat.com]
Sent: Friday, 14 September 2012 2:56 a.m.
To: Rob Crittenden
Cc: Steven Jones; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement
On 09/13/2012 06:30 AM, Rob Crittenden wrote:
Steven Jones wrote:
I just setup a winsync agreement expect its wiped
, Wellington, NZ
0064 4 463 6272
From: Rob Crittenden [rcrit...@redhat.com]
Sent: Friday, 14 September 2012 12:30 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement
Steven Jones wrote:
I just setup a winsync agreement
Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
From: Rich Megginson [rmegg...@redhat.com]
Sent: Friday, 14 September 2012 2:56 a.m.
To: Rob Crittenden
Cc: Steven Jones; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync
463 6272
From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on
behalf of Steven Jones [steven.jo...@vuw.ac.nz]
Sent: Friday, 14 September 2012 8:53 a.m.
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement
Hi
Hi,
So I have 6.3 and just lost all my IPA users. So anyone on 6.2/6.3 until they
upgrade after December's 6.4 could lose all their IPA users if they do a
winsync agreement and dont twig to that option being essential if they dont
have a std AD. Not only that my admins are in a separate OU,
On 09/13/2012 05:11 PM, Steven Jones wrote:
Hi,
So I have 6.3 and just lost all my IPA users.
In production or in a test environment?
So anyone on 6.2/6.3 until they upgrade after December's 6.4 could lose all
their IPA users if they do a winsync agreement and dont twig to that option
being
I just setup a winsync agreement expect its wiped any IPA user that also exists
in AD.
Is this expected? if so how do I stop it doing that?
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
From: Rich Megginson [rmegg...@redhat.com]
Sent: Thursday, 26 July 2012 12:28 p.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync msi
On 07/25/2012 06:11 PM, Steven Jones wrote:
Hi,
From a RH support case as I dont have access to the RDS
RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
From: Rich Megginson [rmegg...@redhat.com]
Sent: Wednesday, 25 July 2012 2:54 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync msi
On 07/23/2012 06:32 PM
Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
From: Rich Megginson [rmegg...@redhat.com]
Sent: Thursday, 26 July 2012 1:58 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync msi
On 07/24/2012 03
...@redhat.com]
Sent: Thursday, 26 July 2012 1:58 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync msi
On 07/24/2012 03:15 PM, Steven Jones wrote:
Hi Rich,
I can appreciate what you are saying, but
Not on Windows but specifically AD, the very core
: Rich Megginson [rmegg...@redhat.com]
Sent: Thursday, 26 July 2012 11:59 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync msi
On 07/25/2012 02:41 PM, Steven Jones wrote:
Hi,
Ah ok, I have the official one.
From where did you get it? And does it allay your
From: Rich Megginson [rmegg...@redhat.com]
Sent: Thursday, 26 July 2012 11:59 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync msi
On 07/25/2012 02:41 PM, Steven Jones wrote:
Hi,
Ah ok, I have the official one.
From where did you get it? And does
@redhat.com
Subject: Re: [Freeipa-users] winsync msi
On 07/25/2012 06:11 PM, Steven Jones wrote:
Hi,
From a RH support case as I dont have access to the RDS channel.
We just updated the RHEL 6.3 downloads to have the RedHat-PassSync .msi
files.
No, its doesn't allay my Windows and security ppls
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync msi
On 07/23/2012 05:38 PM, Steven Jones wrote:
Hi,
For the winsync agreement my Windows and security teams want to know its
details,
eg who wrote it,
Red Hat - do you need to know the names of the developers?
it is Microsoft
Hi,
For the winsync agreement my Windows and security teams want to know its
details,
eg who wrote it, it is Microsoft certified etc.
Where will I find such info?
All I have is
http://port389.org/wiki/Download
Which doesn't tell me much.
regards
Steven Jones
Technical Specialist - Linux
On 07/23/2012 05:38 PM, Steven Jones wrote:
Hi,
For the winsync agreement my Windows and security teams want to know its
details,
eg who wrote it,
Red Hat - do you need to know the names of the developers?
it is Microsoft certified etc.
Not that I know of - how would one go about doing
Victoria University, Wellington, NZ
0064 4 463 6272
From: Rich Megginson [rmegg...@redhat.com]
Sent: Tuesday, 24 July 2012 12:11 p.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync msi
On 07/23/2012 05:38 PM, Steven Jones
On 03/11/2012 03:45 PM, Steven Jones wrote:
Hi,
If I have a winsync agreement from AD to IPA, and this does uni-directional
password from AD to IPA and for some reason this temporarily breaks, say a
network failure.
If you are talking about password sync from AD to IPA, and only that,
Hi,
If I have a winsync agreement from AD to IPA, and this does uni-directional
password from AD to IPA and for some reason this temporarily breaks, say a
network failure.
1) Is there a time limit to -re-establish before it becomes stale?
2_ Once the communications is functioning again
I've installed fedora 16 and freeipa 2.1.4 and am trying to create the winsync
to a AD2008 server per the documentation and I got to step 7.3. I used command:
ipa-replica-manage connect --winsync --binddn
cn=user1,cn=user,dc=domain1,dc=com--bindpw '(xxx' --passsync '(xxx'
--cacert
On 03/09/2012 12:44 PM, Hemminger, Corey Lee.
[heco0...@stcloudstate.edu] wrote:
I've installed fedora 16 and freeipa 2.1.4 and am trying to create the
winsync to a AD2008 server per the documentation and I got to step
7.3. I used command:
ipa-replica-manage connect --winsync --binddn
On 12/01/2011 07:02 PM, Aram J. Agajanian wrote:
On Wed, 30 Nov 2011 16:21:58 -0500
Aram J. Agajanian agaja...@cs.newpaltz.edu wrote:
Is is possible to configure an AD synchronization with IPA but only
for existing IPA accounts?
If it's not possible to do this, then I'm considering an
Is is possible to configure an AD synchronization with IPA but only
for existing IPA accounts? Our AD has a lot of user accounts that the
IPA won't need for now. I don't want to automatically add all of the
additional user accounts to IPA.
I can set up new IPA user accounts with the ipa
93 matches
Mail list logo