<p dir="ltr">Winsync require LDAPS for password sync. This domain user needs some privileges in ad - modifying, read, write on the synced subtree. </p>
<p dir="ltr">From ds point of view you configure normal user account for needs of sync with ad. This user doesn't need to be in your organization tree. You can place him in cn=config. I usually create account like cn=adsyncuser, cn=config without ocjectclasses providing normal system account attributes. </p>
<p dir="ltr">Hope this helps you </p>
<div class="gmail_quote">17 kwi 2013 16:40, "Aziza Lichir" <<a href="mailto:aziza.lichir@gmail.com">aziza.lichir@gmail.com</a>> napisał(a):<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr"><div><div>Hey,<br></div>Thanks for your quick answer, for the moment I installed the 389 console on a WindowsXP machine and i want to know if i can replicate users from AD knowing that i only use a normal user account and without activating Ldaps ?<br>
<br></div>thanks for your help<br><div class="gmail_extra"><br><br><div><b>___________________________________________________________</b></div>
<div><b><font face="times new roman,serif" size="4"><i></i></font></b> </div>
<div><b><font face="times new roman,serif" size="4"><i>Aziza <br></i></font></b></div>
<div><b><br></b></div>
</div></div>
<br>--<br>
389 users mailing list<br>
<a href="mailto:389-users@lists.fedoraproject.org">389-users@lists.fedoraproject.org</a><br>
<a href="https://admin.fedoraproject.org/mailman/listinfo/389-users" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/389-users</a><br></blockquote></div>