Anne Cross wrote:
Can you be more specific? Have you tried the replication log level (which also logs winsync data) - http://directory.fedoraproject.org/wiki/FAQ#TroubleshootingI'm trying to sync passwords from 389 to Active Directory.If we import users from AD, then try to change their passwords, the replication locks up.
If we create the users on 389, and sync them back to AD, the password field passed back is blank in Windows.When you create the users on 389, are you using the clear text password in the userPassword field?
Passsync isn't going to work because we're running 64bit Windows, so we can't sync the passwords *from* AD. I got this working earlier, but that was with FDS in a test instance several months ago, and I didn't write down what I did. (And I am kicking myself over that.) We can live without people changing their passwords on AD as long as we *can* sync passwords down from 389.
We are working on 64-bit Windows support.
Try it with cn=administrator,cn=users,dc=yourdomain,dc=com to rule out any permissions issues.The replication manager account on AD has full Directory Admin privs, so it *does* have the ability to update passwords.
What am I missing? Our logs are showing us a lot of things that are not helpful; I will be happy to attach further logs if people can tell me what to look for, but we've been trying this for two days now, and we're not any closer than we were when we started.
<<attachment: smime.p7s>>
-- 389 users mailing list 389-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
