[Fedora-directory-users] Re: SYNC without password ...
Rich Megginson
rmeggins at redhat.com
Mon Oct 20 21:38:22 UTC 2008
Vipul Ramani wrote:
> HI Rich
>
> The ldapsearch output below looks correct. In your sync agreement, did
> you use labdc01.tf-lab.test2.com <http://labdc01.tf-lab.test2.com> or
> just labdc01? You have to use the FQDN. Is
>
>
> in winsync Aggreement i used FQDN ...
>
>
>
>
>
>
> /etc/dirsrv/slapd-linux2/slapd-linux2cert8.db a symlink to
> /etc/dirsrv/slapd-linux2/cert8.db? What is the relationship between
> slapd-linux2cert8.db and cert8.db?
>
>
>
> Yes you are right it is sym link.
> /etc/dirsrv/slapd-linux2/slapd-linux2cert8.db a symlink to
> /etc/dirsrv/slapd-linux2/cert8.db ....
The original error is this:
https://www.redhat.com/archives/fedora-directory-users/2008-October/msg00056.html
NSMMReplicationPlugin - agmt ="cn=vedant " ( labdc01:636) : simple bind
failed , LDAP sdk error 91 ( Can't connect to the LDAP server ) ,
Netscape Portable Runtime error - 8179 ( Peer's Certificate issuer is
not recoginzed )
That usually means that Fedora DS cannot verify the AD SSL server cert.
This is usually because Fedora DS doesn't have or trust the CA cert of
the CA that issued the AD SSL cert. The Peer in this case is the AD SSL
server, the issuer is the CA that issued the AD SSL server cert. I'm
not sure what the problem could be.
>
>
>
>
> Regards
> Vipul Ramani
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3258 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20081020/b41bc4c1/attachment.bin>
More information about the Fedora-directory-users
mailing list