Sorry my capture is not on the mail, it's the point 12.2.1. 4.c.Go to the *CA Certs* tab, and click *Install* at the bottom of the window. On this link: https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Windows_Sync-Configuring_Windows_Sync.html
Thanks 2013/3/27 alexandre <axel0fe...@gmail.com> > Thanks for the new Link ! > > @Rich Megginson "It's not the 389DS server certificate, but the CA > certificate for the CA that issued the 389DS server certificate, that you > need for PassSync" > > @Grzegorz Dwornicki "But you must generate cert for DS on AD CA. Then > you need to import this cert with AD CA cert on DS" > > Sorry I don't understand "CA certificate for the CA that issued the 389DS > server certificate", I have to export this one below to the AD? (it's empty > on this capture, but with CA certificate on my directory server): > > > > @Grzegorz Dwornicki --> do you have a procedure to do that ? I don't find > in redhat documentation. (when you said AD CA, do you consider that AD CA > = Authority installed on my AD ?) > > Many thanks, for your answers. And your patience about my translation > problems. > > Best regards, > Alex > > > > > 2013/3/27 Grzegorz Dwornicki <gd1...@gmail.com> > >> I had missunderstood you im this case. No you don't need to create second >> CA. But you must generate cert for DS on AD CA. Then you need to import >> this cert with AD CA cert on DS >> >> Greg. >> 27 mar 2013 15:41, "alexandre" <axel0fe...@gmail.com> napisał(a): >> >> I'm really impressed by the reactivity of this list !!! >>> >>> Sorry my understanding is not perfect because i'm french, so I don't >>> have any CA in my DS, I have one CA (installed on my domain controller). >>> >>> Do I need to install a CA in my DS ? (when I write CA for me it means a >>> Authority). >>> >>> >>> Alex >>> >>> >>> 2013/3/27 Grzegorz Dwornicki <gd1...@gmail.com> >>> >>>> If you have diferent CA in AD vs DS then you need to do this import. >>>> >>>> AD by default don't use LDAPS or STARTSSL soo you need to install ms >>>> cert CA stuff. >>>> >>>> Greg. >>>> 27 mar 2013 15:07, "alexandre" <axel0fe...@gmail.com> napisał(a): >>>> >>>>> Hello, >>>>> >>>>> I try to follow this procedure : >>>>> >>>>> >>>>> https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/Windows_Sync-Configuring_Windows_Sync.html >>>>> >>>>> Everything works fine, except I don't understand right this line: >>>>> >>>>> "Import the CA certificate from Directory Server into Active >>>>> Directory. Click *Trusted Root CA*, then *Import*, and browse for the >>>>> Directory Server CA certificate." >>>>> >>>>> For me CA certificate, it's a certificate from the Authority, so in my >>>>> Active Directory the certificate from the authority is already know in >>>>> the Trusted >>>>> Root CA. >>>>> >>>>> So, do I need to import 389DS server certificate in my active >>>>> directory ? >>>>> >>>>> And finally, there is no indication to do that, someone can help me to >>>>> pass through ? >>>>> >>>>> Thanks in advance. >>>>> >>>>> Best regards, >>>>> Alex >>>>> >>>>> -- >>>>> 389 users mailing list >>>>> 389-us...@lists.fedoraproject.org >>>>> https://admin.fedoraproject.org/mailman/listinfo/389-users >>>>> >>>> >>>> -- >>>> 389 users mailing list >>>> 389-us...@lists.fedoraproject.org >>>> https://admin.fedoraproject.org/mailman/listinfo/389-users >>>> >>> >>> >>> -- >>> 389 users mailing list >>> 389-us...@lists.fedoraproject.org >>> https://admin.fedoraproject.org/mailman/listinfo/389-users >>> >> >> -- >> 389 users mailing list >> 389-us...@lists.fedoraproject.org >> https://admin.fedoraproject.org/mailman/listinfo/389-users >> > >
-- 389 users mailing list 389-us...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
