[Fedora-directory-users] FDS AD Sync

Abdelrahman ahamino at gmail.com
Wed Mar 29 17:18:20 UTC 2006


Hi all,
I have been playing with FDS for a couple of months now.

My company has many Windows machines, and the users are stored on LDAP.
They want to control the access from the Windows machines to the
internet through 802.1x authentication, without having to purchase a
third-party client for them. To my knowledge, Windows doesn't support PAP
authentication and there isn't a way for LDAP to support MSCHAPv2
authentication.

While reading the documentation, I found out about PassSync. After
struggling for a while, I was able to start SSL on the FDS and my AD. I
installed PassSync on the Windows machine and started a sync agreement
policy on the FDS.

Everything is working perfectly, but I have the following problem:

When I start the sync between the FDS and AD, the accounts synced become
disabled by default of the AD. Also, even when I enable them, their
passwords aren't copied the first time.

I tried to enable a synced account and log in on a machine in the domain. A
message said that I am required to change the password for the first time,
so I concluded that passwords weren't copied with the account!

I thought that it was a policy on the Windows domain controller, so I
disabled all the policies on it, especially the password ones.

I tried checking the logs, but I don't know where to search or what for?!

I don't know what to do.

Regards
Abdelrahman