Hi, According to the IPA 3.0 Identity Management Guide chapter 15.1:
"Synchronization can only be configured with one Active Directory domain controller. However, it is possible to have a list of failover Active Directory domain controllers.² Later on, chapter 15.6 ŒManaging Password Synchronisation¹ states that the "Password Sync Service must be installed on each Active Directory domain controller." Do we need multiple AD-IPA replication agreements when there are multiple AD controllers in an AD domain? Cheers, Dave _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
