lambam80@xxxxxxxxxxx wrote:
Rich, hello and thanks for the quick reply.You write: < Yes, this appears to be a bug in windows sync How might I get further information - is there a BUG number/report ?Should I try and log a BUG ? If so, where ?
https://bugzilla.redhat.com/show_bug.cgi?id=470224
Sorry, I'm new to Fedora/Redhat/Linux (migrating off Sun Solaris, so to speak). Anyway, I have the following work-around: - use the password sync mechanism from Redhat - I've yet to test this - next on my list- Use a script to do the following: -- create Directory Server user account -- create Active Directory account using ldapmodify and LDAPS -- set the Active Directory unicodePwd:: using ldapmodify and LDAPS-- set the Active Directory userAccountControl: 512 using ldapmodify and LDAPS. '512', I believe, 'enables' the account.
Yes. See also http://support.microsoft.com/kb/305144But if you are using WinSync, you can configure it to automatically create accounts in AD when added to DS, and vice versa. So you might just use DirSync or sequence number to look for new AD accounts that are disabled, and enable them. See http://msdn.microsoft.com/en-us/library/ms677626(VS.85).aspx and http://support.microsoft.com/kb/891995
Thanks again for your help,Dave (former employee of iPlanet :-)
My condolences :-)
------------ > Date: Tue, 2 Dec 2008 08:51:08 -0700 > From: rmeggins@xxxxxxxxxx > To: fedora-directory-users@xxxxxxxxxx > CC: lambam80@xxxxxxxxxxx> Subject: Re: 'Account Disabled' Windows Sync Directory Server red cross> > lambam80@xxxxxxxxxxx wrote: > > Firstly, please accept my apologies for a white lie. > > I'm, in fact, using CentOS but a colleague of mine recommended that I > > use this forum/mailing-list. > > > > Let me know if this white-lie is a problem. > > > > cat /etc/redhat-release > > CentOS release 5.2 (Final) > > > > /usr/sbin/ns-slapd -v > > CentOS-Directory/8.0.4 B2008.288.1513 > > > > Windows 2003 Server Standard Edition R2 > > > > I've 'successfully' configured Windows Sync and it > > works in both directions. > > > > However, accounts that are synched from Centos Directory Server to > > Active Directory are > > created with the 'Account Disabled' checkbox selected. > > > > In the Windows account administration interface > > they also have the red cross next to them. > > > > Q1. Have other people seen this behavior with Windows Sync ? > Yes, this appears to be a bug in windows sync > > > > Q2. How can I change this behavior and have the > > windows-accounts enabled from the start ? > Not sure. > > > > Thanks for your time, cheers lambam80 > > Active-Directory Active-Dir Active Dir Active Directory > > Edit/Delete Message > > <http://forums.fedoraforum.org/editpost.php?do=editpost&p=1122288> > >> > ------------------------------------------------------------------------> >> > ------------------------------------------------------------------------> >> > ------------------------------------------------------------------------> > > > -- > > Fedora-directory-users mailing list > > Fedora-directory-users@xxxxxxxxxx > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > ------------------------------------------------------------------------Win a trip with your 3 best buddies. Enter today. <http://www.messengerbuddies.ca/?ocid=BUDDYOMATICENCA19>
<<attachment: smime.p7s>>
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
