[389-users] Passsync not changing passwords
Daniel Franciscus
dfrancis at ias.edu
Wed Feb 18 23:19:08 UTC 2015
Ah, I do not see passhook.dat or passhook.log. I tried uninstalling and re-installing but I still do not see those files there.
Dan Franciscus
Systems Administrator
Information Technology Group
Institute for Advanced Study
609-734-8138
----- Original Message -----
From: "Noriko Hosoi" <nhosoi at redhat.com>
To: 389-users at lists.fedoraproject.org
Sent: Wednesday, February 18, 2015 5:24:33 PM
Subject: Re: [389-users] Passsync not changing passwords
On 02/18/2015 11:45 AM, Daniel Franciscus wrote:
Yes, logging is set to 1. No errors at all, as if passsync is not detecting a password change.
Sorry, I was not precise about the passhook log.
cd C:\windows\system32
ls passhook*
You should be able to see 3 files: passhook.dat, passhook.dll, and passhook.log.
Do you see any logs in the passhook.log file? For instance, my test shows these messages on successful sync. Do you see them?
<blockquote>
02/18/15 14:16:34 user AD_sync_user6 password changed
02/18/15 14:16:34 0 entries loaded from file
02/18/15 14:16:34 1 entries saved to file
</blockquote>
If empty even if you update any password on AD, you may need to reboot the Windows machine...
<blockquote>
I am going to reboot the server after production hours again to see if that resolves it.
Dan Franciscus
Systems Administrator
Information Technology Group
Institute for Advanced Study
609-734-8138
----- Original Message -----
From: "Noriko Hosoi" <nhosoi at redhat.com>
To: 389-users at lists.fedoraproject.org
Sent: Wednesday, February 18, 2015 2:01:41 PM
Subject: Re: [389-users] Passsync not changing passwords
On 02/18/2015 05:17 AM, Daniel Franciscus wrote:
<blockquote>
Hello,
We have two Windows server 2003 domain controllers and I installed passsync on both servers in order to sync password changes to our 389 LDAP. On one domain controller, it appears passsync is working correctly as I can see in the passsync.log when I change a password through that domain controller. On the other domain controller, when I change a password I do not see any activity in the passsync.log at all. I have passsync on both domain controllers set to verbose logging. I also restarted both domain controllers after installing passsync.
On the domain controller that is not syncing passwords the log appears as:
02/18/15 07:52:59: PassSync service initialized
02/18/15 07:52:59: PassSync service running
02/18/15 07:52:59: No entries yet
02/18/15 07:52:59: Password list is empty. Waiting for passhook event
Does anyone have an idea of what the issue could be?
</blockquote>
What is the version of PassSync? The latest is 1.1.6.
http://www.port389.org/docs/389ds/releases/release-passsync-1-1-6.html
Did yo have a chance to enable passhook log?
In the regedit, go to: HKEY_LOCAK_MACHINE --> SOFTWARE\PasswordSync
then, set 1 to Log Level.
If you add or modify a password on the Windows Server 2003 domain cotroller, what do you get? Any errors?
<blockquote>
Dan Franciscus
Systems Administrator
Information Technology Group
Institute for Advanced Study
609-734-8138
--
389 users mailing list 389-users at lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
</blockquote>
--
389 users mailing list
389-users at lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list 389-users at lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
</blockquote>
--
389 users mailing list
389-users at lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20150218/d237846f/attachment.html>
More information about the 389-users
mailing list