Environment is Windows 2000 server, Fedora Core 3 w/ FDS 1.0 w/ the latest PassSync.msi
I have configured WinSync to use cn=replication manager,cn=config as the bind user. This user exists in FDS.
I enabled logging for the password sync service, and found the following entry in the passsync.log log:
12/09/05 11:17:06: Attempting to sync password for username
12/09/05 11:17:06: Searching for (ntuserdomainid=username)
12/09/05 11:17:06: Ldap error in ModifyPassword
50: Insufficient access
12/09/05 11:17:06: Modify password failed for remote entry: uid=username,ou=People, dc=domain, dc=com
12/09/05 11:17:06: Deferring password change for username
12/09/05 11:17:06: Backing off for 32000ms
So, there it is.. the third line of log entry "Insufficient access".
I assume that its an ACI problem with the cn=replication manager,cn=config user. I attempted to create an ACI to resolve the issue, but no luck.
(targetattr = "*") (target = "ldap:///uid=*,ou=People,dc=domain,dc=com") (version 3.0;acl "WinSync";allow (all,proxy)(userdn = "ldap:///cn=replication manager,cn=config");)
Some help would be greatly appreciated.
Thanks,
Bryan
-- Fedora-directory-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/fedora-directory-users
