I don't think it is an issue with settings in AD. Server 2003 will
automatically disable an account that is created with a blank password.
This seems to fit with what you are seeing, since the account is
immediately disabled in AD and the user is required to change their
password.

Is your SSL setup working? You can use ssltap (in
/opt/fedora-ds/shared/bin if you used the installed defaults) to proxy
the connections and see what is going (or not going) back and forth.
Replication requires SSL in order to sync passwords, and unless it is
set up correctly on both FDS and the DC with PassSync, you will not get
any passwords, period.

What do your logs in FDS say when you add a user? Are there any errors?
If the logs are not very informative, use the console to increase the
log level.

Passwords are the trickiest part of this setup, simply because they
require SSL/certificates and an extra app on the DC. The wiki has
detailed instructions. If you need more help, posting error messages
and log info would be very helpful.
Fedora-directory-users mailing list