Winsync require LDAPS for password sync. This domain user needs some privileges in ad - modifying, read, write on the synced subtree.

From ds point of view you configure normal user account for needs of sync with ad. This user doesn't need to be in your organization tree. You can place him in cn=config. I usually create account like cn=adsyncuser, cn=config without ocjectclasses providing normal system account attributes.

17 kwi 2013 16:40, "Aziza Lichir" <aziza.lichir@gmail.com> napisał(a):

Hey,
Thanks for your quick answer, for the moment I installed the 389 console on a WindowsXP machine and i want to know if i can replicate users from AD knowing that i only use a normal user account and without activating Ldaps ?

thanks for your help

___________________________________________________________

Aziza

--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users