On Tue, 2012-10-23 at 12:16 -0400, Dmitri Pal wrote: > On 10/23/2012 07:50 AM, George Machitidze wrote: > > Hi > > > > I'm testing MS AD integration, following document contents > > http://docs.fedoraproject.org/en-US/Fedora/17/html/FreeIPA_Guide/managing-sync-agmt.html > > > > For 8.4.2. (Creating Synchronization Agreements) we've got "--passsync > > secretpwd", but nowhere's said if user has to be created on MS AD > > side, or if any package has to be installed. > > It is implied that this is the password of the administrative user that > you already have on the AD side.
Nope, the password provided with that switch is used to create a special sysaccount user named 'passsync' in IPA. the DN of the user is: uid=passsync,cn=sysaccount,cn=etc,$suffix This user is used by the Windows Passsync plugin installed on AD domain controllers. So this password is what you need to use when configuring the Passync plugin together with the above dn template. Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
