Forum ‹‹ Linux Mail Server Setup and Howto Guide

On activating ssl no synchronising possible (multimaster) anymore passync error too

Page: 1

Reply to Post

Add a New Topic

User

Post

10:42 am
December 22, 2010

makamminga

Zwolle

Member

posts 3

Quote and Reply

Print this Post

Dear sir Consultant,

I've followed your steps over and over again within vmware. I did about 10 reinstalls, with fedora, then centos 5.5 en restoring snapshots over and again.

In your description you do not tell us how to setup ssl. Not that is that so hard, but when you can't figure out where the problem lies you gonna doubt yourself.

Succesfully i have synchronised between centos 5.5 389 directory server and AD.

I've created accounts in 389 and AD till I activated ldaps on AD. I thought, when enabling this on the AD you cannot connect without it anymore, so I went on with the steps to go.

If i perform the ssl troubleshoot code, i can connect fine. It allows me to setup a sync agreement and accepts it, but it does not synchronise the accounts. All info fields are filled in and also with the Unix attributes.

What must I do to get this going?

p.s. When i want to change the ca cert (internal software) it say's wrong password. What's up with that? According to the Red Hat documentation the AD server needs to get a certificate from the linuxserver and vica versa, but that does not seem to be the case. How do i overcome this?

p.s.2 Would you be so kind to answer all my questions?

Best regards and awaiting your answer,

Martijn

The Netherlands

10:23 am
December 23, 2010

makamminga

Zwolle

Member

posts 3

Quote and Reply

Print this Post

Post edited 8:42 am – December 25, 2010 by

I came across a broken_chain in my certificate from my AD server in Manage certifiates. Solved that one.

Now the only issue i have is the password sync. It appears that the password sync cannot bind to my to my linux server. Even after exporting the certificate Server-Cert and integrate it in Windows password sync. It keeps giving errors. I tried uid= and cn= in the directory server.

I thought maybe I can use ldp.exe to connect to linux. Is that possible? Anyway's, i cant connect. Not even on normal 389 connection.

This my log from passync:

12/23/10 13:44:45: PassSync service started
12/23/10 13:44:46: Error initializing SSL: err=-8192
12/23/10 13:44:46: Ensure that your SSL is setup correctly
12/23/10 13:44:46: PassSync service stopped
12/23/10 13:46:57: PassSync service started
12/23/10 13:46:57: Error initializing SSL: err=-8192
12/23/10 13:46:57: Ensure that your SSL is setup correctly
12/23/10 13:47:10: PassSync service stopped
12/23/10 13:52:26: PassSync service started
12/23/10 13:52:26: Failed to load entries from file
12/23/10 13:53:08: Ldap bind error in Connect
91: Can't connect to the LDAP server
12/23/10 13:53:08: Can not connect to ldap server in SyncPasswords

Does somebody know where the problem is?

Best regards,

Martijn

The Netherlands

ps. The multiple master does sync accounts over ssl now

6:08 pm
December 26, 2010

makamminga

Zwolle

Member

posts 3

Quote and Reply

Print this Post