[389-users] replica from DS to AD
Rich Megginson
rmeggins at redhat.com
Fri Aug 28 14:52:31 UTC 2015
On 08/28/2015 04:46 AM, Fabien Gasbayet wrote:
>
> Hi,
>
> I have 2 questions.
>
> 1 - On this diagram :
>
> https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Windows_Sync.html#Windows_Sync-About_Windows_Sync
>
> Password replication seems bi-directional…
>
> But on my attemps…
>
> from DS to AD, I can sync users but passwords are always blank.
>
> Only if I change passwords on AD, they’ll be replicated on DS.
>
Correct. This is the way password sync works - you have to change the
password in order to sync it, because this is the only time we have the
clear text password. We cannot sync existing passwords which are
already hashed/encrypted. We must have the clear text password which is
only available when the password is changed.
> 2- If I delete an user on DS and lauch the replication… The user is
> not removed on AD.
>
> So, is it possible to sync password from DS to AD ?
>
> And is it possible to delete users on DS with replica on AD ?
>
> Thanks a lot
>
> Best regards
>
> Fabien
>
>
>
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20150828/1707fe88/attachment.html>
More information about the 389-users
mailing list