I have some problems to synchronize 389-DS with AD
I have followed this HowTo : http://www.linuxmail.info/389-directory-active-directory-ssl-synch/
I have successfully imported cert files in both AD and 389-DS and can communicate in SSL mode (ldaps). I can login from my 389-DS to my AD server with 389-console or Apache Directory Studio, but synchronize does not work.
Here are the error logs from 389-DS :
[19/Jan/2011:14:37:07 +0100] NSMMReplicationPlugin - agmt="cn=Synchro ldap" (WINSERVER:636): Unable to parse the response to the startReplication extended operation. Replication is aborting.
[19/Jan/2011:14:37:07 +0100] NSMMReplicationPlugin - agmt="cn=Synchro ldap" (WINSERVER:636): Incremental update failed and requires administrator action
If I try an ldapsearch :
/usr/lib64/mozldap/ldapsearch -ZZ -b "dc=mydomain,dc=com" -h WINSERVER -p 636 -R -D "CN=synchro ldap,CN=Users,DC=mydomain,DC=com" -w - "objectclass=*"
Enter bind password:
ldap_start_tls_s failed: (Can't contact LDAP server)
ldap_simple_bind: Can't contact LDAP server
ÂÂÂ TLS/SSL error -5961 (TCP connection reset by peer.)
I have open the ports 88, 389 and 636. Should I open all this ports ? :
http://technet.microsoft.com/fr-fr/library/bb967329.aspx
Any idea ?
-Regards
-- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
