Christian A. Rodriguez wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Rich Megginson escribió:
> Christian A. Rodriguez wrote:
>
>> First of all I have to mention that Windows Users & Groups were
>> created before Fedora Directory was installed, so when FDS was
>> installed I started up with replicated windows users in FDS without
>> passwords being synchronized. Therefore, the scenario is a Windows
>> tree with users (with passwords) & groups and FDS with users and
>> groups replicated without their passwords.
>>
>> I am trying to define a mechanism to reset every password in both
>> directories so they begin to work synchronized.
>>
>> Doing some tests, I realized that a change made in Windows is
>> replicated into FDS binding as the users subject of change, so as the
>> entry doesn't have it's password, the following lines are logged in
>> FDS access log:
>>
>> [08/Jan/2008:15:51:35 -0300] conn=1033 op=0 BIND
>> dn="uid=USERXXX,OU=People,ou=Active Directory,dc=example,dc=com"
>> method=128 version=2
>> [08/Jan/2008:15:51:35 -0300] conn=1033 op=0 RESULT err=49 tag=97
>> nentries=0 etime=0
>> [08/Jan/2008:15:51:35 -0300] conn=1033 op=1 UNBIND
>> [08/Jan/2008:15:51:35 -0300] conn=1033 op=1 fd=80 closed - U1
>> [08/Jan/2008:15:51:35 -0300] conn=1032 op=2 RESULT err=50 tag=103
>> nentries=0 etime=0
>> [08/Jan/2008:15:51:35 -0300] conn=1032 op=3 UNBIND
>>
>> I haven't found any documentation about inbound changes, specifically
>> password change, being done as the same user subject of the change. Is
>> this true?
>>
> Yes. That's how it verifies the new password is valid.
>
So, how can I do to define a procedure for initializing both
directories?
I'm not sure what you mean. For passwords, you just need to
set/reset
the clear text password on either side, either the AD side or the Fedora
DS side. Assuming you have windows sync and password sync configured
correctly, setting/resetting the clear text password on AD will sync it
to Fedora DS, and vice versa.
Are there any tips?
Thanks
>> Thanks in advance, and sorry for my bad English
>>
>>
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users(a)redhat.com
>
https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
- --
Lic. Christian A. Rodriguez
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla -
http://enigmail.mozdev.org
iD8DBQFHhYjaLiwwyzG4Y1QRAp8YAJ4lJEr2/lFBEDIF5m2Ck6Z8tEd2UQCfVBUu
xen2FPcuKSep8a3xj5kfQf4=
=ji/K
-----END PGP SIGNATURE-----
--
Fedora-directory-users mailing list
Fedora-directory-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users