[389-users] Multi-master replication + AD password synchronisation
Rich Megginson
rmeggins at redhat.com
Mon Aug 9 14:13:09 UTC 2010
Johan Venter wrote:
> On 7/08/2010 3:19 AM, Rich Megginson wrote:
>
>> Johan Venter wrote:
>>
> <snip most of my original text>
>
>>> Looking at the documentation at
>>> http://www.redhat.com/docs/manuals/dir-server/8.1/admin/Windows_Sync.html#Windows_Sync-About_Windows_Sync
>>> there are no caveats mentioned regarding multi-master replication and AD
>>> password sync, in fact their provided architecture diagram (lower part
>>> of the page) seems to indicate it should work in this situation.
>>>
>>>
>> I guess we should make it clear, because it does not work. See
>> https://bugzilla.redhat.com/show_bug.cgi?id=182507
>>
>
> Hi Rich,
>
> Thanks for the reply. Noting that the bug you linked to was reported
> early 2006, and then was modified in 2009 (and apparently pushed to 8.2
> of RHDS), is there any reason to expect that this particular issue will
> be solved any time soon in 389?
>
Nothing was done for this issue for RHDS 8.2. We may address this issue
in a later release.
> 389 is a fantastic product, and while we can work around the issue by
> only pointing the apps that can change LDAP passwords to the server with
> the sync agreement to AD, this kind of defeats the purpose of
> multi-master replication for this particular setup - sync to AD is
> touted as an important feature of 389 (at least, it's one of the
> features that I'm sure I'm not alone in wanting and that in large part
> swayed the choice to use 389), and this particular caveat is not
> mentioned in any of the documentation that I've seen.
>
> Many regards,
> Johan
>
>
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
>
More information about the 389-users
mailing list