[Fedora-directory-users] admin-serv error log
Nathan Kinder
nkinder at redhat.com
Tue Jun 20 18:31:35 UTC 2006
Jeff Gamsby wrote:
>
>
>>>
>> I think that you are getting hung up on a display issue. The
>> supplier is just listed as a string to identify the instance. The
>> synchronization is always[*] initiated from the FDS side, so as long
>> as you are trying to connect to AD via SSL, everything will be
>> encrypted.
>>
>> [*] The one exception to this is the PassSync service installed on
>> the windows side. You need to configure this to connect to FDS over
>> the SSL port.
>>
>> -NGK
>>
> OK, but when I set it up this way and I check the replication logs, I
> see the suppliers port, and it's listed as 389. When configuring
> PassSync, I do put it in secure mode with the secure port. So it
> doesn't matter, since the PassSync config is set to SSL, and the FDS
> to AD has to be SSL, then that 389 is just an identifier?
Yes, that's just an identifier used in the synchronization agreement.
To check if the PassSync connection in truly using SSL, check the
access log on the FDS side. I'm not sure what connection logging AD
provides, but there may be something similar. If not, you can use
ethereal to verify that the traffic is being encrypted.
-NGK
>
> Jeff
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3241 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20060620/7ed500a8/attachment.bin>
More information about the 389-users
mailing list