[Freeipa-devel] [PATCH] 894 add winsync info to ipa-replica-manage man page
Alexander Bokovoy
abokovoy at redhat.com
Fri Oct 14 05:04:19 UTC 2011
On Fri, 14 Oct 2011, Rob Crittenden wrote:
> Alexander Bokovoy wrote:
> >On Thu, 13 Oct 2011, Rob Crittenden wrote:
> >>Added more detailed information on creating a winsync replica to the
> >>ipa-replica-manage man page.
> >
> >>+Creating a Windows AD Synchronization agreement is similar to creating an IPA replication agreement, there are just a couple of extra steps:
> >>+.TP
> >>+1. Transfer the base64\-encoded Windows AD CA Certficate to your IPA Server
> >>+.TP
> >>+2. Remove any existing kerberos credentials
> >>+ # kdestroy
> >>+.TP
> >>+3) Add the winsync replication agreement
> >>+ # ipa\-replica\-manage connect \-\-winsync
> >>\-\-passsync=<bindpwd_for_syncuser_that will_be_used_for_agreement>
> >>\-\-cacert=/path/to/adscacert/WIN\-CA.cer \-\-binddn
> >>"cn=administrator,cn=users,dc=ipa,dc=qe" \-\-bindpw
> >><ads_administrator_password> \-v<adserver.fqdn>
> >Could you please make DN similar to what is below? There will be
> >confusion:
>
> Done. I also added a bit about the PassSync user and the AD bind dn.
ACK
--
/ Alexander Bokovoy
More information about the Freeipa-devel
mailing list