[Freeipa-devel] [PATCH] 894 add winsync info to ipa-replica-manage man page
Rob Crittenden
rcritten at redhat.com
Fri Oct 14 04:40:59 UTC 2011
Alexander Bokovoy wrote:
> On Thu, 13 Oct 2011, Rob Crittenden wrote:
>> Added more detailed information on creating a winsync replica to the
>> ipa-replica-manage man page.
>
>> +Creating a Windows AD Synchronization agreement is similar to creating an IPA replication agreement, there are just a couple of extra steps:
>> +.TP
>> +1. Transfer the base64\-encoded Windows AD CA Certficate to your IPA Server
>> +.TP
>> +2. Remove any existing kerberos credentials
>> + # kdestroy
>> +.TP
>> +3) Add the winsync replication agreement
>> + # ipa\-replica\-manage connect \-\-winsync
>> \-\-passsync=<bindpwd_for_syncuser_that will_be_used_for_agreement>
>> \-\-cacert=/path/to/adscacert/WIN\-CA.cer \-\-binddn
>> "cn=administrator,cn=users,dc=ipa,dc=qe" \-\-bindpw
>> <ads_administrator_password> \-v<adserver.fqdn>
> Could you please make DN similar to what is below? There will be
> confusion:
Done. I also added a bit about the PassSync user and the AD bind dn.
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-rcrit-894-2-winsync.patch
Type: text/x-patch
Size: 3865 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20111014/86016c3d/attachment.bin>
More information about the Freeipa-devel
mailing list