Yes and that button allows you to install server cert (again generated in your case on AD CA) . CA tab allows you to install CA cert.
Greg. 27 mar 2013 16:33, "alexandre" <axel0fe...@gmail.com> napisał(a): > Sorry my capture is not on the mail, it's the point 12.2.1. 4.c.Go to > the *CA Certs* tab, and click *Install* at the bottom of the window. > On this link: > https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Windows_Sync-Configuring_Windows_Sync.html > > Thanks > > > 2013/3/27 alexandre <axel0fe...@gmail.com> > >> Thanks for the new Link ! >> >> @Rich Megginson "It's not the 389DS server certificate, but the CA >> certificate for the CA that issued the 389DS server certificate, that you >> need for PassSync" >> >> @Grzegorz Dwornicki "But you must generate cert for DS on AD CA. Then >> you need to import this cert with AD CA cert on DS" >> >> Sorry I don't understand "CA certificate for the CA that issued the 389DS >> server certificate", I have to export this one below to the AD? (it's empty >> on this capture, but with CA certificate on my directory server): >> >> >> >> @Grzegorz Dwornicki --> do you have a procedure to do that ? I don't >> find in redhat documentation. (when you said AD CA, do you consider that >> AD CA = Authority installed on my AD ?) >> >> Many thanks, for your answers. And your patience about my translation >> problems. >> >> Best regards, >> Alex >> >> >> >> >> 2013/3/27 Grzegorz Dwornicki <gd1...@gmail.com> >> >>> I had missunderstood you im this case. No you don't need to create >>> second CA. But you must generate cert for DS on AD CA. Then you need to >>> import this cert with AD CA cert on DS >>> >>> Greg. >>> 27 mar 2013 15:41, "alexandre" <axel0fe...@gmail.com> napisał(a): >>> >>> I'm really impressed by the reactivity of this list !!! >>>> >>>> Sorry my understanding is not perfect because i'm french, so I don't >>>> have any CA in my DS, I have one CA (installed on my domain controller). >>>> >>>> Do I need to install a CA in my DS ? (when I write CA for me it means a >>>> Authority). >>>> >>>> >>>> Alex >>>> >>>> >>>> 2013/3/27 Grzegorz Dwornicki <gd1...@gmail.com> >>>> >>>>> If you have diferent CA in AD vs DS then you need to do this import. >>>>> >>>>> AD by default don't use LDAPS or STARTSSL soo you need to install ms >>>>> cert CA stuff. >>>>> >>>>> Greg. >>>>> 27 mar 2013 15:07, "alexandre" <axel0fe...@gmail.com> napisał(a): >>>>> >>>>>> Hello, >>>>>> >>>>>> I try to follow this procedure : >>>>>> >>>>>> >>>>>> https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/Windows_Sync-Configuring_Windows_Sync.html >>>>>> >>>>>> Everything works fine, except I don't understand right this line: >>>>>> >>>>>> "Import the CA certificate from Directory Server into Active >>>>>> Directory. Click *Trusted Root CA*, then *Import*, and browse for >>>>>> the Directory Server CA certificate." >>>>>> >>>>>> For me CA certificate, it's a certificate from the Authority, so in >>>>>> my Active Directory the certificate from the authority is already know in >>>>>> the Trusted Root CA. >>>>>> >>>>>> So, do I need to import 389DS server certificate in my active >>>>>> directory ? >>>>>> >>>>>> And finally, there is no indication to do that, someone can help me >>>>>> to pass through ? >>>>>> >>>>>> Thanks in advance. >>>>>> >>>>>> Best regards, >>>>>> Alex >>>>>> >>>>>> -- >>>>>> 389 users mailing list >>>>>> 389-us...@lists.fedoraproject.org >>>>>> https://admin.fedoraproject.org/mailman/listinfo/389-users >>>>>> >>>>> >>>>> -- >>>>> 389 users mailing list >>>>> 389-us...@lists.fedoraproject.org >>>>> https://admin.fedoraproject.org/mailman/listinfo/389-users >>>>> >>>> >>>> >>>> -- >>>> 389 users mailing list >>>> 389-us...@lists.fedoraproject.org >>>> https://admin.fedoraproject.org/mailman/listinfo/389-users >>>> >>> >>> -- >>> 389 users mailing list >>> 389-us...@lists.fedoraproject.org >>> https://admin.fedoraproject.org/mailman/listinfo/389-users >>> >> >> > > -- > 389 users mailing list > 389-us...@lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/389-users >
-- 389 users mailing list 389-us...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users