[Fedora-directory-users] PassSync only working one way
Jeff Gamsby
JFGamsby at lbl.gov
Tue Jun 13 22:08:03 UTC 2006
I thought that I had the PassSync working until I ran into this problem:
Passwords are not synchronized from FDS to AD. When accounts are added
to FDS, they do show up in AD ( Although sometimes the cn attribute gets
base64 encoded ), but I cannot authenticate to AD. When I change
passwords in the FDS side, they are not changed ( or not sent ) to AD.
If I change passwords in AD, they are changed in the FDS.
The logs show that something is happening (changed host names and dn's)
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - agmt="cn=AD"
(ad:636): No linger to cancel on the connection
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin -
windows_acquire_replica returned success (101)
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - agmt="cn=AD"
(ad:636): State: ready_to_acquire_replica -> sending_updates
[13/Jun/2006:15:03:41 -0700] - _cl5PositionCursorForReplay (agmt="cn=AD"
(ad:636)): Consumer RUV:
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - agmt="cn=AD"
(ad:636): {replicageneration} 448f18ae000000010000
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - agmt="cn=AD"
(ad:636): {replica 1 ldap://fds:389} 448f18e4000100010000
448f363d03d400010000 448f363d
[13/Jun/2006:15:03:41 -0700] - _cl5PositionCursorForReplay (agmt="cn=AD"
(ad:636)): Supplier RUV:
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - agmt="cn=AD"
(ad:636): {replicageneration} 448f18ae000000010000
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - agmt="cn=AD"
(ad:636): {replica 1 ldap://fds:389} 448f18e4000100010000
448f363d03d700010000 448f363d
[13/Jun/2006:15:03:41 -0700] agmt="cn=AD" (ad:636) - session start:
anchorcsn=448f363d03d400010000
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - changelog program -
agmt="cn=AD" (ad:636): CSN 448f363d03d400010000 found, position set for
replay
[13/Jun/2006:15:03:41 -0700] agmt="cn=AD" (ad:636) - load=1 rec=1
csn=448f363d03d600010000
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - agmt="cn=AD"
(ad:636): windows_replay_update: Looking at modify operation local
dn="uid=user,ou=people,dc=server,dc=,dc=" (ours,user,not group)
[13/Jun/2006:15:03:41 -0700] NSMMReplicationPlugin - agmt="cn=AD"
(ad:636): windows_replay_update: Processing modify operation local
dn="uid=user,ou=people,dc=server,dc=,dc=" remote
dn="<GUID=16f869dcfdde3d42bcb075fd4a1c7980>"
I'm not sure what is going on, I can talk via SSL from FDS to AD, and
I'm assuming that the PassSync service is working properly since the
changes from AD to FDS work.
Any suggestions?
More information about the 389-users
mailing list