FDS 10.4 on RH Enterprise 4.5 , AD on W2003 sp2. SSL active on both side with server certificates from same CA (openSSL). PassSync and Replication Directory Agreement configured on SSL. I like to share my experience just to figure out if FDS and AD could be integrated in real life scenario. Basically I would be able to keep in sync password and use FDS (or AD) as a common place to manage password expiration. Password Sync. Since now following FDS wiki and other (few) source in Internet I has been able to keep in sync password as follows: password changed on AD is properly replicated on FDS password changed on FDS (console) is properly replicated on AD password changed on Linux (via LdapPam) is not replicated on AD. I suspect some encoding issues, since logs seem OK. Anybody is facing or confirm this behaviour ? Password expiration (a must for me) Is it possible to manage password expiration from FDS (via Managed Password Policy for Users...right click on config/pulgins) to apply both for AD and Linux LdapPam athenticated users? How should I manage this ? Second question. If activated send warning check box, how are users notified ? Account expiration It seems that account disabling action is not replicated from FDS to AD neither from AD to FDS. Is this correct? Regards, Paolo. ------------------------------------------------------------------------------------------------ Paolo Barbato email: mailto:paolo.barbato at igi.cnr.it Network Administrator phone: (39-049)-829-5097 (39-049)-829-5000 Corso Stati Uniti,4 www: http://www.igi.cnr.it 35127 Camin-Padova PGP: http://www.igi.cnr.it/wwwpgp/rfx_paolo_barbato.pgp ITALY JabberID: rfx_paolo_barbato at messenger.efda.org ------------------------------------------------------------------------------------------------
