1. The Windows DCs will be the master of the passwords. Users will need
to change their passwords in that environment.
Not true, the password synchronization is based upon certain attributes
in the database. 389 will only sync to AD if the ntuser objectClass is
available, and AD, it's posixAc
recreating it.
On Jul 17, 2013, at 12:59 PM, Kyle Johnson wrote:
> Pointing -CAfile to the ca public cert returns this:
>
> Verify return code: 0 (ok)
>
>
> I have just one CA, with no intermediates.
>
>
>
> On 2013-07-17 12:45, Dan Lavu wrote:
>
ssl command produces the same output.
>
> You're correct, I didn't not configure my CA cert to be used with openssl in
> openssl.cnf (on either box).
>
>
>
> On 2013-07-17 12:23, Dan Lavu wrote:
>
>> Sounds like your certificates are not setup correctly for t
ificate chain
> verify return:0
> ...
>
> Verify return code: 19 (self signed certificate in certificate chain)
>
>
>
> Kyle
>
>
>
> On 2013-07-17 12:04, Dan Lavu wrote:
>
>> Sorry the command is something like
>>
>> $ openssl s_client -
e two AD servers/domains. I could use the LDIF
export, but then I would lose the password replication I get with the
replication agreement.
I guess i will not be able to do what I think...
Thanks all.
2012/10/24 Dan Lavu :
> Juan,
>
> It's not designed to work that way, its
