On 10/23/2012 12:47 PM, Simo Sorce wrote: > On Tue, 2012-10-23 at 12:16 -0400, Dmitri Pal wrote: >> On 10/23/2012 07:50 AM, George Machitidze wrote: >>> Hi >>> >>> I'm testing MS AD integration, following document contents >>> http://docs.fedoraproject.org/en-US/Fedora/17/html/FreeIPA_Guide/managing-sync-agmt.html >>> >>> For 8.4.2. (Creating Synchronization Agreements) we've got "--passsync >>> secretpwd", but nowhere's said if user has to be created on MS AD >>> side, or if any package has to be installed. >> It is implied that this is the password of the administrative user that >> you already have on the AD side. > Nope, the password provided with that switch is used to create a special > sysaccount user named 'passsync' in IPA. > the DN of the user is: uid=passsync,cn=sysaccount,cn=etc,$suffix > > This user is used by the Windows Passsync plugin installed on AD domain > controllers. So this password is what you need to use when configuring > the Passync plugin together with the above dn template. > > Simo. > Then we should update our docs.
-- Thank you, Dmitri Pal Sr. Engineering Manager for IdM portfolio Red Hat Inc. ------------------------------- Looking to carve out IT costs? www.redhat.com/carveoutcosts/ _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
