Richard Megginson wrote:
I think that you are getting hung up on a display issue. The supplier
is just listed as a string to identify the instance. The
synchronization is always[*] initiated from the FDS side, so as long
as you are trying to connect to AD via SSL, everything will be encrypted.
[*] The one exception to this is the PassSync service installed on
the Windows side. You need to configure this to connect to FDS over
the SSL port.
-NGK

OK, but when I set it up this way and I check the replication logs, I
see the supplier's port, and it's listed as 389. When configuring
PassSync, I do put it in secure mode with the secure port. So it
doesn't matter, since the PassSync config is set to SSL, and the FDS
to AD has to be SSL, then that 389 is just an identifier?

Yes.

OK. Forgetting the Admin server SSL stuff, which I don't really need, it
is working again.
Thank you all.

You cannot use pre-hashed passwords when trying to do synchronization. I
was trying to go from OpenLDAP to FDS with my SSHA hashed passwords, and
that did not work. You can do it, but you will have to reset the
password on the AD side. You cannot carry the passwords with you to AD.
------------------------------------------------------------------------
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users