Re: 389 PassSync 1.1.7 and WIndows Server 2012R2

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

We had the log level set to 1. Turns out, our AD server had to have our domain CA’s certificate imported into the AD server’s personal certificate store. Apparently our Windows admins have been doing this, but it wasn't documented in our procedures so when we threw two new people at it, neither of us knew about the undocumented procedure.

Thanks!

Geoff Hardin
geoff.hardin@xxxxxxxxxxxx

This message contains information that may be confidential and privileged. Unless you are the addressee (or authorized to receive mail for the addressee), you should not use, copy or disclose to anyone this message or any information contained in this message. If you have received this message in error, please so advise the sender by reply e-mail and delete this message. Thank you for your cooperation.

From: Alberto Viana [mailto:albertocrj@xxxxxxxxx] 
Sent: Thursday, December 21, 2017 07:19
To: General discussion list for the 389 Directory server project. <389-users@xxxxxxxxxxxxxxxxxxxxxxx>
Subject: [External] [389-users] Re: 389 PassSync 1.1.7 and WIndows Server 2012R2

Hi,

Did you try change the log level? 

HKEY_LOCAL_MACHINE\SOFTWARE\PasswordSync

Change LogLevel to 1 (If Im not wrong, the default is 0).

Restart the service and check de log again.

Hope that helps.

On Wed, Dec 20, 2017 at 6:28 PM, Geoff Hardin <geoff.hardin@xxxxxxxxxxxx> wrote:
We are implementing PassSync 1.1.7 in a Windows Server 2012R2 domain and I am not seeing any indication the passsync.log file that passwords are being sent to the 389 DS. I have confirmed that the PassSync service starts without an error on the two Active Directory domain controllers, and the OU structure and user accounts have synced between Windows and 389. At this point, it just not sending password changes to the 389 DS. I was wondering if there was documentation that described any required security settings within the Windows domain? I am afraid that we have enabled some security setting in a GPO.

Geoff Hardin
geoff.hardin@xxxxxxxxxxxx
_______________________________________________
389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx

_______________________________________________
389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux