the answer is "yes" to both of them. I would check if your sync user is member
of Domain Admins group, or have equivalent rights. It seems your issue could be related to
You could find how to grant those permissions in Microsoft documentation, for instance,
----- Original Message -----
From: "Fabien Gasbayet"
Sent: Friday, August 28, 2015 12:46:22 PM
Subject: [389-users] replica from DS to AD
I have 2 questions.
1 - On this diagram :
Password replication seems bi-directional…
But on my attemps…
from DS to AD, I can sync users but passwords are always blank.
Only if I change passwords on AD, they’ll be replicated on DS.
2- If I delete an user on DS and lauch the replication… The user is not
removed on AD.
So, is it possible to sync password from DS to AD ?
And is it possible to delete users on DS with replica on AD ?
Thanks a lot
389 users mailing list