Thanks Rich for the answer. A few more questions:
Does existing password get synced during the initial full
re-sychronization? or does it only sync changes?
Does container entries got synced as well? Say, if a new OU was created
on AD, will that be synced on 389?
Thanks,
Mi
On Mon, 2011-06-27 at 14:50 -0500, Rich Megginson wrote:
> On 06/27/2011 01:38 PM, Mi Zhou wrote:
> > Hi,
> >
> > I am exploring the possibilities of us setting up a 389 server and have
> > it synchronize with our AD.
> >
> > I read that both 389 and AD have to be running SSL. We have multiple
> > domain controllers that trust each other, some running SSL, some not. I
> > wonder if every one of them have to be running SSL to make sync work.
> For passwords, yes. AD will not accept a password change unless the
> connection is TLS/SSL encrypted.
> > Also does "passsync" have to be installed on every domain controllers?
> Yes.
> > Thanks a lot,
> >
> > Mi
> >
> >
> >
> > Email Disclaimer: www.stjude.org/emaildisclaimer
> >
> > --
> > 389 users mailing list
> > 389-users@lists.fedoraproject.org
> > https://admin.fedoraproject.org/mailman/listinfo/389-users
>
>
--
Mi Zhou
System Integration Engineer
Information Sciences
St. Jude Children's Research Hospital
262 Danny Thomas Pl. MS 312
Memphis, TN 38105
901.595.5771
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
