From my tests, no. OU's have to created and deleted manually in 389. For
passwords, they have to be reset in AD since only passsync can pick them
up. You can replicate any OU, just create the sub containers first and
initiate a full resynchronization.
On Mon, Jun 27, 2011 at 4:16 PM,
Hi,
I am exploring the possibilities of us setting up a 389 server and have
it synchronize with our AD.
I read that both 389 and AD have to be running SSL. We have multiple
domain controllers that trust each other, some running SSL, some not. I
wonder if every one of them have to be running SSL
On 06/27/2011 01:38 PM, Mi Zhou wrote:
Hi,
I am exploring the possibilities of us setting up a 389 server and have
it synchronize with our AD.
I read that both 389 and AD have to be running SSL. We have multiple
domain controllers that trust each other, some running SSL, some not. I
wonder
Thanks Rich for the answer. A few more questions:
Does existing password get synced during the initial full
re-sychronization? or does it only sync changes?
Does container entries got synced as well? Say, if a new OU was created
on AD, will that be synced on 389?
Thanks,
Mi
On Mon, 2011-06-27
On 06/27/2011 02:28 PM, Mi Zhou wrote:
Does container entries got synced as well? Say, if a new OU was created
on AD, will that be synced on 389?
During the initial sync init phase - yes. During the incremental phase
- no.
Can we initiate a full resync to get this done, or it must be