[Freeipa-users] Passsync details missing
Simo Sorce
simo at redhat.com
Tue Oct 23 16:47:50 UTC 2012
On Tue, 2012-10-23 at 12:16 -0400, Dmitri Pal wrote:
> On 10/23/2012 07:50 AM, George Machitidze wrote:
> > Hi
> >
> > I'm testing MS AD integration, following document contents
> > http://docs.fedoraproject.org/en-US/Fedora/17/html/FreeIPA_Guide/managing-sync-agmt.html
> >
> > For 8.4.2. (Creating Synchronization Agreements) we've got "--passsync
> > secretpwd", but nowhere's said if user has to be created on MS AD
> > side, or if any package has to be installed.
>
> It is implied that this is the password of the administrative user that
> you already have on the AD side.
Nope, the password provided with that switch is used to create a special
sysaccount user named 'passsync' in IPA.
the DN of the user is: uid=passsync,cn=sysaccount,cn=etc,$suffix
This user is used by the Windows Passsync plugin installed on AD domain
controllers. So this password is what you need to use when configuring
the Passync plugin together with the above dn template.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-users
mailing list