Rich,I don't know. I've never seen this before. Are you logged into the Windows DC as Administrator?
access log on the 389 machine? what version of 389-ds-base? what platform?
It doesn't look like the AD server has ever shown up in the access log so I imagine this is purely a passsync issue.
We are running Windows Server 2008 R2. My hunch is that UAC is messing this up. When I went to "check" on the settings under the "change" option from add/remove programs, all the options are blank. I then re-input them all and upon bringing up the settings again, the options are still blank.
Any ideas how to beat UAC for this? We may need to disable UAC, change the settings and then re-enable UAC which unfortunately takes a lot of reboots.
[root@claw slapd-claw]# rpm -qi 389-ds-baseName : 389-ds-base Relocations: (not relocatable)Version : 220.127.116.11 Vendor: Fedora ProjectRelease : 1.el5 Build Date: Mon 02 May 2011 11:36:56 AM CDTGroup : System Environment/Daemons Source RPM: 389-ds-base-18.104.22.168-1.el5.src.rpmSize : 4953090 License: GPLv2 with exceptionsSignature : DSA/SHA1, Mon 02 May 2011 12:00:08 PM CDT, Key ID 119cc036217521f6Packager : Fedora ProjectSummary : 389 Directory Server (base)
x86_64 RHEL 5