[Fedora-directory-users] Windows data sync

Emmanuel BILLOT emmanuel.billot at ird.fr
Thu Mar 26 09:45:47 UTC 2009 

Emmanuel BILLOT a écrit :
> Rich Megginson a écrit :
>> Emmanuel BILLOT wrote:
>>> Hi,
>>>
>>> We've installed FDS, AD and a replication agrement.
>>> FDS data/passwords sync with AD
>>> AD passwords sync with FDS.
>>>
>>> 2 pbs are still unsolved :
>>> - AD modifications (name, surname, mail) are not send or catched in FDS
>> I suppose you could enable the replication log level and see why this 
>> is not working.  Note that changes may take up to 5 minutes to sync 
>> over to Fedora DS due to the way the sync works using the DirSync 
>> control.
>> http://directory.fedoraproject.org/wiki/FAQ#Troubleshooting
>>> - Passwords are not recognized after a Full init.
>>>    FDS => AD full init = unable to log on AD (even if we manually 
>>> activate the account)
> Here is the log extract :
> [26/Mar/2009:09:55:43 +0100] NSMMReplicationPlugin - agmt="cn=win" 
> (porlsvrdc0003:636): No changes to send
> [26/Mar/2009:09:55:43 +0100] - Calling dirsync search request plugin
> [26/Mar/2009:09:55:43 +0100] - Sending dirsync search request
> [26/Mar/2009:09:55:43 +0100] NSMMReplicationPlugin - agmt="cn=win" 
> (porlsvrdc0003:636): Beginning linger on the connection
> [26/Mar/2009:09:55:43 +0100] NSMMReplicationPlugin - agmt="cn=win" 
> (porlsvrdc0003:636): Linger timeout has expired on the connection
> [26/Mar/2009:09:55:43 +0100] NSMMReplicationPlugin - agmt="cn=win" 
> (porlsvrdc0003:636): State: sending_updates -> wait_for_changes
> [26/Mar/2009:09:55:43 +0100] NSMMReplicationPlugin - agmt="cn=win" 
> (porlsvrdc0003:636): Disconnected from the consumer
>
> I can't see any action.
>> Right.  Passwords are not synced during full init.  Full init only 
>> uses passwords in the database which are hashed and do not sync.
>>>    FDS -> AD passwd update = passwd ok in AD
>> Right.  Passwd update uses clear text passwords.
>>>
>>> Anyone has an idea ?
>>>
>>
>> ------------------------------------------------------------------------
>>
>> -- 
>> Fedora-directory-users mailing list
>> Fedora-directory-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>   
>
>
Ok i found the pb :
Replicating directory changes was not in the replicationg user rights.

All seems to be ok now.

Thanks.

BR,


-- 
==========================================
Emmanuel BILLOT
IRD - Orléans
Délégation aux Systèmes d'Information (DSI)
tél : 02 38 49 95 88
==========================================

More information about the 389-users mailing list