I have followed RHDS Admin guide and Howto:WindowsSync several times, but I keep getting this error:
ldapsearch -Z -P . -h ad-host -p 636 -D "cn=administrator,cn=users,dc=xxx,dc=xxx,dc=xxx" -w - -s base -b "" "objectclass=*" -v
Enter bind password: ldapsearch: started Tue Jun 6 11:28:46 2006
ldap_init( ad-host, 636 ) ldaptool_getcertpath -- . ldaptool_getkeypath -- . ldaptool_getmodpath -- (null) ldaptool_getdonglefilename -- (null) ldap_simple_bind: Can't contact LDAP server SSL error -8179 (Peer's Certificate issuer is not recognized.)
I can search FDS over SSL. I have exported the Server-Cert from FDS and imported it into AD (PassSync).
I have changed the trust attributes per the Howto, eventhough the attributes only change to "CT,C,C (CA certificate)" and "Pu,Pu,Pu Server-Cert"
389-users@lists.fedoraproject.org