Re: [389-users] 389 <=> AD group sync

Matti Alho Fri, 30 Nov 2012 00:30:14 -0800

I'm testing group sync between 389ds and Microsoft AD. It works
otherwise, but incremental updates are not working. Any changes to
groups on 389 side do not get synced to AD unless I do a full manual
update triggered via console. Syncing users works normally. Would
someone have an idea why?


Can you be more specific?  Can you provide your winsync config and an
example of what you are trying to do?


Ah sorry, here is an example of a group I'm trying to sync:

dn: cn=wingrouptemp,ou=People,dc=domain,dc=com
ntUniqueId: 9da16bd7236fb04285c419aefb9cb2a5
ntGroupCreateNewGroup: on
objectClass: top
objectClass: groupofuniquenames
objectClass: ntgroup
uniqueMember: uid=test1,ou=People,dc=domain,dc=com
uniqueMember: uid=test2,ou=People,dc=domain,dc=com
ntUserDomainId: wingrouptemp
cn: wingrouptemp

Sync agreement is set for ou=People,dc=domain,dc=com and has "NewWindows User Sync" and "New Windows Group Sync".


-Matti


--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users

Re: [389-users] 389 <=> AD group sync

Reply via email to