Vipul Ramani wrote: > HI Rich > > The ldapsearch output below looks correct. In your sync agreement, did > you use labdc01.tf-lab.test2.com <http://labdc01.tf-lab.test2.com> or > just labdc01? You have to use the FQDN. Is > > > in winsync Aggreement i used FQDN ... > > > > > > > /etc/dirsrv/slapd-linux2/slapd-linux2cert8.db a symlink to > /etc/dirsrv/slapd-linux2/cert8.db? What is the relationship between > slapd-linux2cert8.db and cert8.db? > > > > Yes you are right it is sym link. > /etc/dirsrv/slapd-linux2/slapd-linux2cert8.db a symlink to > /etc/dirsrv/slapd-linux2/cert8.db .... The original error is this: https://www.redhat.com/archives/fedora-directory-users/2008-October/msg00056.html NSMMReplicationPlugin - agmt ="cn=vedant " ( labdc01:636) : simple bind failed , LDAP sdk error 91 ( Can't connect to the LDAP server ) , Netscape Portable Runtime error - 8179 ( Peer's Certificate issuer is not recoginzed ) That usually means that Fedora DS cannot verify the AD SSL server cert. This is usually because Fedora DS doesn't have or trust the CA cert of the CA that issued the AD SSL cert. The Peer in this case is the AD SSL server, the issuer is the CA that issued the AD SSL server cert. I'm not sure what the problem could be. > > > > > Regards > Vipul Ramani > ------------------------------------------------------------------------ > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20081020/b41bc4c1/attachment.bin