Fri, 21 Jan 2011 10:25:56 +0100
"General discussion list for the 389 Directory server project." <>

Hi Rich,

Thanks for this usefull link.

I have successfully initiate replica between Windows AD and my server 389-DS. Ldapsearch is working. But even if everything seems to be ok, the update does not work and I do not see any error in the log files... So, my AD server stay empty, the accounts are not migrate...

Here you have my access log file which is more verbose... ( for the example) :
Obviously I am connecting to the server 389-DS itself whereas it can resolve the DNS name of my Windows server... There is no error in the AD event viewer while I could see errors on it when it was misconfigured (like DirSync errors)... So, basically, the Windows server is contacted to my DS-Server over 2 different networks.

Do you think I have to open the ports described in my message ?

I don't know.  There is no winsync information in the access log.  Note that the access log records client accesses to the directory server, and in winsync, the directory server itself acts as a client to AD, so winsync will log nothing in the access log.  The errors log could be helpful, and especially using the replication log level (which is also used for winsync logging).  The Windows Event Viewer is useless for winsync issues.