• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

HowTO: Sync Active Directory with Directory Server

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.
Thank you for the very helpful tutorial, I was able to get the sync working with passwords. But in a scenario where the 389 server has not been installed yet. And the passsync is installed on AD server and then the users are created since in Redhat's official docs say

"If any Active Directory user accounts exist when Password Sync is first installed, then the passwords for those user accounts cannot be synchronized until they are changed because Password Sync cannot decrypt a password once it has been hashed in Active Directory."

And then I follow your tutorial and then start the Sync agreement on 389 Directory Server, I am not able to get the passwords. I have to reset the passwords on the AD server to synchronize them. Why would I have to do that since according to redhat, all user account passwords are synced which are created after passync is first installed. Can you help me with this regard, is there any other approach to this problem?
 
Thank you for the very helpful tutorial, I was able to get the sync working with passwords. But in a scenario where the 389 server has not been installed yet. And the passsync is installed on AD server and then the users are created since in Redhat's official docs say

"If any Active Directory user accounts exist when Password Sync is first installed, then the passwords for those user accounts cannot be synchronized until they are changed because Password Sync cannot decrypt a password once it has been hashed in Active Directory."

And then I follow your tutorial and then start the Sync agreement on 389 Directory Server, I am not able to get the passwords. I have to reset the passwords on the AD server to synchronize them. Why would I have to do that since according to redhat, all user account passwords are synced which are created after passync is first installed. Can you help me with this regard, is there any other approach to this problem?

I don't really have an answer for you on this regard. This guide is now quite old. You may be better served investigating the Free-IPA server. I haven't really played with it myself but I know that it has absorbed a large portion of the 389 server stuff and added to it
 
Back