Jason Solan wrote: > Hello, > Recently we've upgraded our fds servers (1.1.3) to 389 (1.2.2). Doing > so seems to have broken password sync from 389 to Active Directory. All > other attributes are passing fine and passync from AD to 389 is working. > The AD machine has not been updated since before the upgrade of 389, at > which time the sync still worked. > > No error occurs in the log, but the sync takes 10 minutes before timing > out and claiming success. After turning on more logging, the error log > reports: > > "AD already has the current password for <CN>. Not sending password > modify to AD." > > I brought this up on IRC the other day and got a response that this is > most likely bug: > https://bugzilla.redhat.com/show_bug.cgi?id=537956 > > (I think thats the bug, bugzilla is down for maintenance at the time of > this email) > > Today I went and re-installed a new server and put fedora-ds on by > excluding the 389* packages. I imported my directory and enabled > windows sync on this system. The password sync works fine from this new > system. > > Has anyone run into a similar issue? > Is there a way to downgrade after upgrading to 389? > Could the issue have anything to do with the name of the service (i.e. > changing a config parameter that windows sync uses from fedora-ds- to > 389-)? > Could this still be the same bug as listed above, or should I open a new > one? > Please open a new bug. > > All fds/389 systems are centos 5.4 > > Packages on Working sync: > > fedora-ds-console-1.2.0-1.fc6 > fedora-ds-base-1.2.0-2.fc6 > fedora-ds-dsgw-1.1.2-1.fc6 > fedora-ds-admin-1.1.7-3.fc6 > fedora-ds-1.1.3-1.fc6 > fedora-ds-admin-console-1.1.3-1.fc6 > > > Packages Non-working sync: > > 389-ds-console-1.2.0-4.el5 > 389-admin-1.1.8-4.el5 > 389-console-1.1.3-3.el5 > 389-ds-console-doc-1.2.0-4.el5 > 389-ds-1.1.3-4.el5 > 389-admin-console-1.1.4-1.el5 > 389-admin-console-doc-1.1.4-1.el5 > 389-adminutil-1.1.8-3.el5 > 389-ds-base-1.2.2-1.el5 > 389-dsgw-1.1.4-1.el5 > > > > > > > > IMPORTANT: > This transmission is sent on behalf of Knouse Foods ? for business > purposes. It is for the intended recipient only. If you are not the intended > recipient or a person responsible for delivering this transmission to > the intended recipient, you may not disclose, copy or distribute this > transmission or take any action in reliance on it. If you received this > transmission in error, please notify us immediately by replying to this > Email message, and please dispose of and delete this transmission. > Thank you. > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
