On Wednesday August 3 2005 8:16 am, Dimitri Yioulos wrote: > On Tuesday August 2 2005 6:15 pm, David Boreham wrote: > > >But I've checked and rechecked those. My bind DN is cn=Admin. That's > > > the correct format, isn't it? > > > > > >- > > > > Indeed no. You want the DN for the Administrator user in AD. > > Typically that would be something like 'cn=Administrator, ou=users, > > dc=company, dc=com'. > > However, I would recommend that you use ldapsearch to first establish > > the correct DN > > (search for all users in AD and go looking for the administrator user). > > David, > > I changed the DN as you suggested, and my sync worked (just as I imagine > you expected it would). Thank you very much! > > If I may be so bold as to take advantage of your knowledge and kindness - > when I created the Windows Sync Agreement, I specified the DS subtree as > ou=People,dc=headquarters,dc=mydomain,dc=com, and the Windows subtree as > cn=People,dc=headquarters,dc=mydomain,dc=com. When the sync completed, all > Windows users and groups ended up in the FDS People subtree. How would I > get Windows groups to populate the FDS gorups subtree, and only users to > populate the People subtree? > > Dimitri > Sorry, the Windows subtree is cn=Users ...
