[389-users] Multi-master replication + AD password synchronisation

Johan Venter mythtv at vulturest.com
Sun Aug 8 23:59:39 UTC 2010


On 7/08/2010 3:19 AM, Rich Megginson wrote:
> Johan Venter wrote:
<snip most of my original text>
>> Looking at the documentation at
>> http://www.redhat.com/docs/manuals/dir-server/8.1/admin/Windows_Sync.html#Windows_Sync-About_Windows_Sync
>> there are no caveats mentioned regarding multi-master replication and AD
>> password sync, in fact their provided architecture diagram (lower part
>> of the page) seems to indicate it should work in this situation.
>>
> I guess we should make it clear, because it does not work.  See
> https://bugzilla.redhat.com/show_bug.cgi?id=182507

Hi Rich,

Thanks for the reply. Noting that the bug you linked to was reported in 
early 2006, and then was modified in 2009 (and apparently pushed to 8.2 
of RHDS), is there any reason to expect that this particular issue will 
be solved any time soon in 389?

389 is a fantastic product, and while we can work around the issue by 
only pointing the apps that can change LDAP passwords to the server with 
the sync agreement to AD, this kind of defeats the purpose of 
multi-master replication for this particular setup - sync to AD is 
touted as an important feature of 389 (at least, it's one of the 
features that I'm sure I'm not alone in wanting and that in large part 
swayed the choice to use 389), and this particular caveat is not 
mentioned in any of the documentation that I've seen.

Many regards,
Johan




