[Fedora-directory-users] Windows Active Directory sync Help!
Rich Megginson
rmeggins at redhat.com
Wed Jan 9 18:12:43 UTC 2008
kiran madala wrote:
> Hello,
>
> I am trying to sync the DS with AD. Since I am new to AD and DS I have few questions.
>
> I want to synchronize only users and groups so Is it necessary to enable SSL on Active Directory and connect to Active directory through SSL?
>
No. TLS/SSL is only required for password sync.
> In the replica settings the supplier DN user need to be on both AD and DS
No, only on AD
> with should be a Domain admin of the AD?
>
Domain admin is the easiest way to go - harder but safer would be to
create a special user that has read/write access to the subtree only.
> When trying to synchronize with AD the bind DN (In screen shot) user should be in both AD and DS?
>
>
> I have attached the screen shot of my final DS agreement window. I believe currently it is defined to synchronize users what changes I need to make it synchronize groups aswell.
>
You should definitely not use o=NetscapeRoot. When you ran setup, it
should have created a suffix for use with users and groups e.g.
dc=netscaper,dc=com
> Thanks in advance
> _________________________________________________________________
> Exercise your brain! Try Flexicon!
> http://puzzles.sympatico.msn.ca/chicktionary/index.html?icid=htmlsig
>
> ------------------------------------------------------------------------
>
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20080109/3560ba10/attachment.bin>
More information about the Fedora-directory-users
mailing list