[Fedora-directory-users] AD + FDS sync stops working?

To Ngan tngan at redhat.com
Wed Nov 29 19:06:32 UTC 2006 

Dan Oglesby wrote:
> -----Original Message-----
> From: fedora-directory-users-bounces at redhat.com
> [mailto:fedora-directory-users-bounces at redhat.com] On Behalf Of To Ngan
> Sent: Wednesday, November 29, 2006 11:15 AM
> To: General discussion list for the Fedora Directory server project.
> Subject: Re: [Fedora-directory-users] AD + FDS sync stops working?
>
> Dan Oglesby wrote:
>   
>> To Ngan wrote:
>>     
>>> Dan Oglesby wrote:
>>>       
>>>> I have two seperate installations of FDS 1.0.1 that were 
>>>> successfully configured to sync with two seperate AD controllers.  
>>>> They both worked fine for about six months, and both have stopped 
>>>> synchronizing information that should pass from the AD to FDS.  
>>>> Basically, if a user changes his or her password through AD, nothing 
>>>> changes on FDS.  If the password is changed through FDS, it does get 
>>>> pushed up to the AD controller.
>>>>
>>>> Has anyone else seen this happen?  There have been no changes made 
>>>> to either the FDS or AD configurations since the initial 
>>>> installation was completed. The AD servers are Windows 2000 and 
>>>> Windows 2003 on seperate domains.
>>>>
>>>> I've tried to uninstall and reinstall the PassSync software.  Every 
>>>> time that service is restarted, I see a connect via SSL in the logs 
>>>> in FDS, but nothing after that.
>>>>         
>>> Was the connect via SSL successful?
>>>
>>>       
>> It appears to be:
>>
>> [29/Nov/2006:09:42:29 -0600] conn=146041 fd=203 slot=203 SSL 
>> connection from 192.168.2.200 to 192.168.100.122
>> [29/Nov/2006:09:42:29 -0600] conn=146041 SSL 128-bit RC4
>> [29/Nov/2006:09:42:29 -0600] conn=146041 op=0 BIND dn="cn=directory 
>> manager" method=128 version=2
>> [29/Nov/2006:09:42:29 -0600] conn=146041 op=0 RESULT err=0 tag=97 
>> nentries=0 etime=0 dn="cn=directory manager"
>> [29/Nov/2006:09:42:29 -0600] conn=146041 op=1 UNBIND
>> [29/Nov/2006:09:42:29 -0600] conn=146041 op=1 fd=203 closed - U1
>>
>> That's all I ever see in the access log for the slapd server from my 
>> AD machine.
>>     
>
> Nothing in DS error log either?  How about the passsync log on your 
> Windows box? (either under windows/system32 or your passsync install 
> directory)
>
> I don't see any type of log for the passsync service in the program files
> area or the system/system32 directories.
>   
In windows registry->HKLM->Software->PasswordSync, try add string value 
"Log Level" and set it to "1".  Restart the passsync service.  This 
should log all transactions and errors.  Turn this back to "0" and 
restart passsync after troubleshooting.

> Error log on the FDS system has nothing other than start and stop
> information for the FDS server.
> Can you check your registry 
>   
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20061129/94ea5ac9/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3233 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20061129/94ea5ac9/attachment.bin>

More information about the 389-users mailing list