replicating specific attributes from AD to DS
by Paulo Cast
hi guys,
just wondering how to get specific attributes from AD
(cn=users,dc=domain,dc=com) replicated to DS (389-ds-base-1.3.8.1-1.fc27).
I already have the Windos Sync Agreement working so far but I can't get
few extra attributes like EmployeeID, EmployeeNumber, etc. Or nor can get
the password policy replicated. Any ideas in how to do it?
thx,
sergio
5 years, 12 months
- 3
- 2
PassSync issue
by DaV
Hi all,
There is an issue when I try to communicate between 389ds and
windows AD.
CentOS 7.4 (389ds server)
389-ds-base-1.3.6.1-16.el7.x86_64
Windows 2008R2 (AD DC)
389-PassSync-1.1.7-x86_64
I follow
http://www.port389.org/docs/389ds/howto/howto-windowssync.html#enabling-t...
to configure, but on windows AD, I can see log on C:\Program Files\389
Directory Password Synchronization\passsync.log06/01/18 08:54:21: PassSync service initialized
06/01/18 08:54:21: PassSync service running
06/01/18 08:54:21: dataFilename is C:\Windows\System32\passhook.dat
06/01/18 08:54:21: No entries yet
06/01/18 08:54:21: Ldap bind error in Connect
34: Invalid DN syntax
06/01/18 08:54:21: Password list is empty. Waiting for passhook event
06/01/18 10:01:57: Received passhook event. Attempting sync
06/01/18 10:01:57: 1 new entries loaded from data file
06/01/18 10:01:57: Cleared contents of data file
06/01/18 10:01:57: Password list has 1 entries
06/01/18 10:01:57: Ldap bind error in Connect
34: Invalid DN syntax
06/01/18 10:01:57: Attempting to sync password for ad_bind
06/01/18 10:01:57: Searching for (ntuserdomainid=ad_bind)
06/01/18 10:01:57: There are no entries that match: ad_bind
06/01/18 10:01:57: Deferring password change for ad_bind
06/01/18 10:01:57: Backing off for 2000ms
06/01/18 10:01:59: Backoff time expired. Attempting sync
06/01/18 10:01:59: Password list has 1 entries
06/01/18 10:01:59: Ldap bind error in Connect
34: Invalid DN syntax
06/01/18 10:01:59: Attempting to sync password for ad_bind
06/01/18 10:01:59: Searching for (ntuserdomainid=ad_bind)
06/01/18 10:01:59: There are no entries that match: ad_bind
06/01/18 10:01:59: Deferring password change for ad_bind
06/01/18 10:01:59: Backing off for 4000ms
What I want is that sync password from windows AD to 389ds(one way), no
any other data.Could you please provide some advice?
Thanks in advance!
Sincerely,
--
DaV
6 years
- 2
- 1