Re: Group Member Sync 389 to AD

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

dpkg -l 389-ds-base



389-ds-base   1.3.1.9-0ubuntu2  amd64


On Mon, 2014-05-19 at 13:50 -0700, Noriko Hosoi wrote:
> DuWayne Holsbeck wrote:
> > I did use multiple OUs, trying to mimic the AD structurer as closely as
> > possible. I think I tried to all in one approach, but there was some
> > kind of issue. The MS server is 2008 R2.
> >
> > The DS server is version 1.3.1.
> What is the revision #?
> $ rpm -q 389-ds-base
> > the attributes set on the groups are
> > ntgroupcreatenewgroup = on, nt goupdeletegroup = on, ntuniqueid
> >   = xxxxxxxxxxxxxx, ntuserdomainid = "group name". It has the ntgroup
> > objectClass, and a list of uniquemembers.
> >
> > Cheers
> > DuWayne
> >
> > On Sun, 2014-05-18 at 20:42 +0300, Vesa Alho wrote:
> >> On 05/16/2014 09:12 PM, DuWayne Holsbeck wrote:
> >>> I have a 389 and AD servers setup, and sync agreements configured for
> >>> users, and groups. The Groups synced fine, but on the AD side there are
> >>> no members in the groups. I set the ntGroup objectClass, ntGroupType,
> >>> ntGroupCreateNewAccount, ntGroupDeleteAccount, ntUniqueId attributes set
> >>> on the 389DS side.Initial sync runs without errors.
> >>>
> >>> Am I missing something, or is there a trick to get the Group memberships
> >>> to sync up between the 2?
> >>>
> >>> Any suggestions on a fix, or way to troubleshoot the issue would be
> >>> greatly appreciated.
> >> Did you setup a single sync agreement? I managed to get group members
> >> working when syncing users and groups with single sync agreement. Due to
> >> our ldap structure, I had to create sync agreement for the whole root
> >> suffix.
> >>
> >> 389: dc=domain,dc=com ==> AD: ou=ldap,dc=domain,dc=com
> >>
> >> Before this, I tried to sync users and groups with separate sync
> >> agreements which didn't work. Also check you are running at least
> >> version 1.2.11.29. I had general problems with MS Server 2012 R2 with
> >> earlier versions.
> >>
> >> -Vesa
> >> --
> >> 389 users mailing list
> >> 389-users@xxxxxxxxxxxxxxxxxxxxxxx
> >> https://admin.fedoraproject.org/mailman/listinfo/389-users
> >
> > --
> > 389 users mailing list
> > 389-users@xxxxxxxxxxxxxxxxxxxxxxx
> > https://admin.fedoraproject.org/mailman/listinfo/389-users
> 
> --
> 389 users mailing list
> 389-users@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/389-users


--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux