On 9/19/22 3:05 AM, Darshan B wrote:
Hello Team I have a question on sync between 389 DS and windows active Directoty. I have followed this link to https://documentation.suse.com/sles/15-SP3/html/SLES-all/cha-security-ldap.html for Synchronizing with Microsoft Active Directory(6.11) with 389 DS , I'm able to create the repl-winsync-agmt but while checking its status using sudo dsconf ldap1 repl-winsync-agmt init-status i'm getting below error . Error: [16/Sep/2022:16:25:45.129760205 +051800] - ERR - slapi_ldap_bind - Could not send bind request for id [CN=darshan,CN=Users,DC=training,DC=itadmin,DC=com] authentication mechanism [SIMPLE]: error -1 (Can't contact LDAP server), system error -5950 (File not found.), network error 107 (Transport endpoint is not connected, host "192.168.56.106:389")
This means the replication agreement can not connect to the AD server. Perhaps your winsync agreement is not configured correctly. Please provide the agreement entry from 389 DS.
Thanks, Mark
I'm able to do ldapsearch on Active directory but repl-winsync-agmt init-status command is giving the network error. ldapseach command: ldapsearch -x -h 192.168.56.106 -p 389 -b "CN=Users,dc=training,dc=itadmin,dc=com" -D "CN=darshan,CN=Users,DC=training,DC=itadmin,DC=com" -w "Test@123" dn repl-winsync-agmt create command used: sudo dsconf -D "cn=ldap1-infra1" -w "#CEEadmin123" ldap1 repl-winsync-agmt create --suffix "dc=openstack,dc=org" --host 192.168.56.106 --port 389 --conn-protocol LDAPS --bind-dn "CN=darshan,CN=Users,DC=training,DC=itadmin,DC=com" --bind-passwd "Test@123" --win-subtree "CN=Users,DC=training,DC=itadmin,DC=com" --ds-subtree "dc=openstack,dc=org" --one-way-sync fromWindows --sync-users=on --sync-groups=on --move-action delete --win-domain "trainingitadmin.com" adsync_agreement Let me know what should be done to resolve this network error _______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
-- Directory Server Development Team _______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
