Jeff Gamsby wrote:
Yes, that's just an identifier used in the synchronization agreement. To check if the PassSync connection in truly using SSL, check the access log on the FDS side. I'm not sure what connection logging AD provides, but there may be something similar. If not, you can use ethereal to verify that the traffic is being encrypted.OK, but when I set it up this way and I check the replication logs, I see the suppliers port, and it's listed as 389. When configuring PassSync, I do put it in secure mode with the secure port. So it doesn't matter, since the PassSync config is set to SSL, and the FDS to AD has to be SSL, then that 389 is just an identifier?I think that you are getting hung up on a display issue. The supplier is just listed as a string to identify the instance. The synchronization is always[*] initiated from the FDS side, so as long as you are trying to connect to AD via SSL, everything will be encrypted.[*] The one exception to this is the PassSync service installed on the windows side. You need to configure this to connect to FDS over the SSL port.-NGK
-NGK
Jeff -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
