Emmanuel BILLOT a écrit :
Rich Megginson a écrit :
Emmanuel BILLOT wrote:
Hi,
We've installed FDS, AD and a replication agrement. FDS data/passwords sync with AD AD passwords sync with FDS.
2 pbs are still unsolved :
- AD modifications (name, surname, mail) are not send or catched in FDS
I suppose you could enable the replication log level and see why this is not working. Note that changes may take up to 5 minutes to sync over to Fedora DS due to the way the sync works using the DirSync control. http://directory.fedoraproject.org/wiki/FAQ#Troubleshooting
- Passwords are not recognized after a Full init. FDS => AD full init = unable to log on AD (even if we manually
activate the account)
Here is the log extract : [26/Mar/2009:09:55:43 +0100] NSMMReplicationPlugin - agmt="cn=win" (porlsvrdc0003:636): No changes to send [26/Mar/2009:09:55:43 +0100] - Calling dirsync search request plugin [26/Mar/2009:09:55:43 +0100] - Sending dirsync search request [26/Mar/2009:09:55:43 +0100] NSMMReplicationPlugin - agmt="cn=win" (porlsvrdc0003:636): Beginning linger on the connection [26/Mar/2009:09:55:43 +0100] NSMMReplicationPlugin - agmt="cn=win" (porlsvrdc0003:636): Linger timeout has expired on the connection [26/Mar/2009:09:55:43 +0100] NSMMReplicationPlugin - agmt="cn=win" (porlsvrdc0003:636): State: sending_updates -> wait_for_changes [26/Mar/2009:09:55:43 +0100] NSMMReplicationPlugin - agmt="cn=win" (porlsvrdc0003:636): Disconnected from the consumer
I can't see any action.
Right. Passwords are not synced during full init. Full init only uses passwords in the database which are hashed and do not sync.
FDS -> AD passwd update = passwd ok in AD
Right. Passwd update uses clear text passwords.
Anyone has an idea ?
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
Ok i found the pb : Replicating directory changes was not in the replicationg user rights.
All seems to be ok now.
Thanks.
BR,
389-users@lists.fedoraproject.org