kiran madala wrote: > Hello, > > I am trying to sync the DS with AD. Since I am new to AD and DS I have few questions. > > I want to synchronize only users and groups so Is it necessary to enable SSL on Active Directory and connect to Active directory through SSL? > No. TLS/SSL is only required for password sync. > In the replica settings the supplier DN user need to be on both AD and DS No, only on AD > with should be a Domain admin of the AD? > Domain admin is the easiest way to go - harder but safer would be to create a special user that has read/write access to the subtree only. > When trying to synchronize with AD the bind DN (In screen shot) user should be in both AD and DS? > > > I have attached the screen shot of my final DS agreement window. I believe currently it is defined to synchronize users what changes I need to make it synchronize groups aswell. > You should definitely not use o=NetscapeRoot. When you ran setup, it should have created a suffix for use with users and groups e.g. dc=netscaper,dc=com > Thanks in advance > _________________________________________________________________ > Exercise your brain! Try Flexicon! > http://puzzles.sympatico.msn.ca/chicktionary/index.html?icid=htmlsig > > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------ > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3245 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20080109/3560ba10/attachment.bin
