[Fedora-directory-users] Errors when a full re-sync is initiated in Windows Sync. Could temp. changes in binding-user rights be the cause?
Erling Ringen Elvsrud
erlingre at gmail.com
Thu Nov 13 12:01:12 UTC 2008
On 11/10/08, Rich Megginson <rmeggins at redhat.com> wrote:
[...]
> Could be. The bind user used by windows sync must have read and write
> rights to the AD subtree.
If I have for instance,
ou=Linux,ou=delegation,dc=foo, dc=bar, dc=baz in AD
and in the synchronization agreement the
"Windows subtree" value is:
ou=Linux,ou=delegation,dc=foo, dc=bar, dc=baz
I have tried to limit the write-permissions for the binding-user to
only ou=Linux, but that causes synchronization to fail.
In which parts of the AD-tree does the binding-user need write access?
Does it need write access in dc=foo and all siblings?
Thanks again,
Erling
More information about the Fedora-directory-users
mailing list