Espen A. Stefansen
2006-Apr-27 11:36 UTC
[Fedora-directory-users] Need help syncing between Active Directory and FDS
Hi I''m a new user to FDS, so I''ve got some problems getting it to work. I''m trying to sync our Active Directory over to FDS. Unfortunately it doesn''t work, so hopefully someone can give me some pointers. I''ve been looking through the wiki and the manuals, but i haven''t found that helped. This is how I installed FDS: 1. Installed FDS on CentOS 4; fds.example.com. 2. Ran setup with default values (including directory manager) 3. Ran setupssl.sh. 4. Install PassSync on a Windows Domain Controller (Windows 2003); win.example.com. - Values: --- Hostname: fds.example.com --- Port: 686 --- Username: cn=directory manager,cn=config --- Cert Token: ?? (Should this be the password for the certificate?) --- Search: dc=example,dc=com And then imported the certificates from fds.example.com 5. Started the console, and enabled "changelog" and "replica" as "single master". 6. I then generated a "windows sync agreement". - Values: --- domain: example.com --- DCH: win.example.com --- Enabled SSL --- Bind as: cn=directory manager,cn=config When I try to do a full sync, it says it cant find the LDAP-server, error 81. Does that mean the FDS-server? Does anyone have any idea on what might be wrong? And have I installed it correctly? Regards Espen Stefansen
Nathan Kinder
2006-Apr-27 14:28 UTC
Re: [Fedora-directory-users] Need help syncing between Active Directory and FDS
Espen A. Stefansen wrote:>Hi >I''m a new user to FDS, so I''ve got some problems getting it to work. I''m >trying to sync our Active Directory over to FDS. Unfortunately it >doesn''t work, so hopefully someone can give me some pointers. > >I''ve been looking through the wiki and the manuals, but i haven''t found >that helped. > >This is how I installed FDS: > >1. Installed FDS on CentOS 4; fds.example.com. > >2. Ran setup with default values (including directory manager) > >3. Ran setupssl.sh. > >4. Install PassSync on a Windows Domain Controller (Windows 2003); >win.example.com. > - Values: > --- Hostname: fds.example.com > --- Port: 686 > --- Username: cn=directory manager,cn=config > --- Cert Token: ?? (Should this be the password for the certificate?) > >You don''t need to fill the cert token in.> --- Search: dc=example,dc=com > > And then imported the certificates from fds.example.com > >5. Started the console, and enabled "changelog" and "replica" as >"single master". > >6. I then generated a "windows sync agreement". > - Values: > --- domain: example.com > --- DCH: win.example.com > --- Enabled SSL > --- Bind as: cn=directory manager,cn=config > > >When I try to do a full sync, it says it cant find the LDAP-server, >error 81. Does that mean the FDS-server? > >It''s saying it can''t connect to Active Directory. This is probably because Active Directory is not running on the secure port (636). You need to setup Active Directory for LDAPS. Take a look at this page on our wiki for details on how to do this: http://directory.fedora.redhat.com/wiki/Howto:WindowsSync You should also make sure you can connect to Active Directory over LDAPS with ldapsearch before you create your sync agreement. -NGK>Does anyone have any idea on what might be wrong? And have I installed >it correctly? > >Regards >Espen Stefansen > >-- >Fedora-directory-users mailing list >Fedora-directory-users@redhat.com >https://www.redhat.com/mailman/listinfo/fedora-directory-users > >