Re: fds vs passsync vs AD


 



Richard Megginson wrote:
Glenn wrote:
Paolo - Maybe your certificates are not set up correctly. You should have the same CA certificate in the database in both FDS and AD. Also, the server certs in each database should be issued by the same certificate authority.

It is convenient to use the Certificate Authority included with recent Microsoft Windows servers to create a CA certificate to import into both databases. You can then create server certificates using the MSCA and import them into their respective databases.

You may also need to import the server certificate from FDS into the database on AD and vice-versa.

You should not need to do this. All that should be required is that each cert db has the cert for that server plus the trusted CA cert.

Once this is done, you should review and possibly modify the trust attributes on all the certs. As you can see from my examples, I used a scatter-gun approach. You will need to use certutil for all import and modify operations on the certificate databases. "certutil -H" gives a nice reference.

[snip]

Just need confirmation. In order for the passsync to work, does FDS first need to have the corresponding users from Windows ADS manually created? Doesn't Passsync do this automatically? TIA

--
Peter Santiago         peters@xxxxxxxxxxxxxxx
My website:            www.psinergybbs.com
My spamtrap address:   r34987y@xxxxxxxxxxxxxxx


--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
