On 09/09/2009 06:59 AM, Doug Tucker wrote:
On Tue, 2009-09-08 at 16:08 -0700, Chandrasekar Kannan wrote:
On 09/08/2009 01:04 PM, Morris, Patrick wrote:
On Tue, 08 Sep 2009, Doug Tucker wrote:
OK! The logging was a tremendous help to at least seeing where the
failure is. When the password change is made on the PDC, passync DOES
catch it and replicate to 389. However, if the password change occurs
on the BDC, even though we see the change replicated to the PDC, passync
is NOT catching it and replicating to 389. Does anyone have any ideas?
I believe The Password Sync Service must be installed on every Active
Directory domain controller.
It appeared that way for no other reason than it wasn't working, but I
can't find anything in the documentation to indicate that, and someone
else that responded indicated he sees the change after the BDC
replicates it to the PDC. Was just hoping for some official word that
states that this must be done.
I'm not seeing anything in the docs either,
which docs are you referring to ? Have a url ?.
http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Windows_Sync.html
updated url
http://www.redhat.com/docs/manuals/dir-server/8.1/admin/Windows_Sync.html#Windows_Sync-About_Windows_Sync
has a reference to that ...
"The Password Sync Service must be installed on every Active
Directory domain controller"
hope that helps...
This is what I have been using for how to set this up. I cannot find
any reference to the need to install passync on all of the controllers
in the domain, it only references the primary. And according to our
windows guy here, MS changed terminology, but there is definitely a
primary and then the others are bdc's.
I agreed that from just a thinking perspective it would have to be done,
but then someone in this thread earlier indicated that changes made to
his bdc were synced to 389 after it replicated to the pdc, which kinda
left me in limbo that I may still have something wrong, and before I
have the windows guy start installing it everywhere, I wanted to hear
from someone truly "in the know" of what needed to be done.
--
389 users mailing list
389-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
--
389 users mailing list
389-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
