[Fedora-directory-users] Problem with the synchronization agreement

ken oh kenoh23 at yahoo.fr
Mon Aug 18 12:00:41 UTC 2008


Hi,

I'm back from my vacations.

I sync the clock on fedora and windows 2003 server.
When I use the ldapsearch from the command line to bind and search the AD 
from fedora on port 389, I still have the same result :
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

I also used ldp.exe from Win 2003 server to test the connection between the 2 server and I got this message :
ld = cldap_open("servertest.tc.iut", 389);
Established connection to servertest.tc.iut.
Retrieving base DSA information...
Server error: <empty>
Error<94>: ldap_parse_result failed: No result present in message
Getting 0 entries:


So my problem comes from something else. For information I'm using fedora 9 under vmware workstation. Maybe the problem comes from here.
Or I've thought that the problem comes perhaps from a bad configured file.

Thanks










Date: Fri, 25 Jul 2008 14:52:57 +0530


Hi,

  While creating sync agrement Dont check the Enable ssl option,it
will work , and also check your certificates are proper on both
windows and linux directory server.Make sure CLOCK is in sync on both
windows and linux.

Regards,
pradeep


On 7/25/08, ken oh <kenoh23 yahoo fr> wrote:
> Thanks for your help
>
> I try your command with the right hostname "anubis"  (and not anubix) using
> the the sync and next the admin account in the command line and I get this
> result for both account :
> ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
>
> I don't know if this info can help but my ad server is in native mode.


>
From: Rich Megginson <rmeggins redhat com>To: kenoh23 yahoo fr,	"General discussion list for the Fedora Directory server project."	<fedora-directory-users redhat com>Cc: Subject: Re: [Fedora-directory-users] Problem with the synchronization	agreementDate: Thu, 24 Jul 2008 08:39:59 -0600





ken oh wrote:
Hi everybody,
 
I'm at the Windows Sync Server Info screen, I have completed all the 
fields. And when I click next, I got the message "Unable to contact 
Active Directory server, continue ?" using the ssl connection or not.
 
>From each side, I ping and I use a nslookup command to verify if the 
domain name is correct; and everything is ok.
 
So I would like to know if someone can help me with what goes wrong, 
thanks.
Try using ldapsearch from the command line to bind and search the AD 
from your linux box:
ldapsearch -x -h anubix -p 389 -D 
"cn=sync,cn=users,dc=tc-gea,dc=iut,dc=univ-metz,dc=fr" -w password -s 
base -b "cn=users,dc=tc-gea,dc=iut,dc=univ-metz,dc=fr" "(objectclass=*)"
Try 389 first to see if ldap is working - you'll have to do some 
additional configuration to get SSL working with ldapsearch.
I'm assuming you've done all of the SSL setup correctly - 
http://directory.fedoraproject.org/wiki/Howto:WindowsSync and 
http://directory.fedoraproject.org/wiki/Howto:SSL
This is my  Windows Sync Server Info screen, if that can help :
http://img291.imageshack.us/img291/4323/sync2ur5.jpg


      _____________________________________________________________________________ 
Envoyez avec Yahoo! Mail. Une boite mail plus intelligente http://mail.yahoo.fr
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20080818/332096ba/attachment.html>


More information about the 389-users mailing list