Winsync require LDAPS for password sync. This domain user needs some privileges in ad - modifying, read, write on the synced subtree.
From ds point of view you configure normal user account for needs of sync with ad. This user doesn't need to be in your organization tree. You can place him in cn=config. I usually create account like cn=adsyncuser, cn=config without ocjectclasses providing normal system account attributes.
Hope this helps you
17 kwi 2013 16:40, "Aziza Lichir" <aziza.lichir@xxxxxxxxx> napisał(a):
thanks for your helpHey,Thanks for your quick answer, for the moment I installed the 389 console on a WindowsXP machine and i want to know if i can replicate users from AD knowing that i only use a normal user account and without activating Ldaps ?
___________________________________________________________Aziza
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
-- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
