我正在尝试按照 Red Hat 设置 FreeIPA 和 Active Directory 同步文档。
ipa-replica-manage 命令返回成功,但没有在 FreeIPA 中导入用户:
[root@ipa ~]# ipa-replica-manage connect --winsync --binddn='cn=ipasync,cn=Users,dc=ipa,dc=local' --bindpw='####' --passsync #### --cacert ipa-a-v
Directory Manager password:
Added CA certificate ipa-ad.cloud.620nm.net.cer to certificate database for ipa.cloud.620nm.net
ipa: INFO: AD Suffix is: DC=ipa,DC=local
The user for the Windows PassSync service is uid=passsync,cn=sysaccounts,cn=etc,dc=ipa,dc=cloud,dc=620nm,dc=net
Windows PassSync system account exists, not resetting password
ipa: INFO: Added new sync agreement, waiting for it to become ready . . .
ipa: INFO: Replication Update in progress: FALSE: status: Error (0) Replica acquired successfully: Incremental update started: start: 0: end: 0
ipa: INFO: Agreement is ready, starting replication . . .
Starting replication, please wait until this has completed.
Update in progress, 2 seconds elapsed
Update succeeded
已创建 ipasync 用户,其权限如文档中所述。
是否有人已经成功与 FreeIPA 建立 AD 同步?