As far as I understand from reading the docs again, the user specified in the Sync agreement and the Bind DN should be the same and exist on Active Directory with Domain Admin privileges.

But I have other issues now. The DS server is unable to connect to my AD. I enabled SSL by copying the same root certificate into AD and also generating a server certificate, and opened up ports in the firewall. Am I missing something like allowing client authentication on the AD machine?

My current certificates are as follows.

DS has its own server certificate
AD has its own server certificate
All 3 servers (AS, DS and AD) have the same CA root certificate

----------------------------------------
> From: kirankmadala at hotmail.com
> To: fedora-directory-users at redhat.com
> Date: Wed, 9 Jan 2008 10:35:00 -0400
> Subject: Windows Active Directory sync Help!
>
> Hello,
>
> I am trying to sync the DS with AD. Since I am new to AD and DS I have a few questions.
>
> I want to synchronize only users and groups, so is it necessary to enable SSL on Active Directory and connect to Active Directory through SSL?
>
> In the replica settings, does the supplier DN user need to be on both AD and DS and be a Domain Admin of the AD?
>
> When trying to synchronize with AD, should the bind DN (in screen shot) user be in both AD and DS?
>
> I have attached the screen shot of my final DS agreement window. I believe currently it is defined to synchronize users; what changes do I need to make it synchronize groups as well?
>
> Thanks in advance