Chapter 19. Synchronizing Red Hat Directory Server with Microsoft Active Directory
450
• Directory Server certificate, accessible by the sync services
19.2.2. Step 2: Configure the Active Directory Domain
The Active Directory domain has to be properly configured for synchronization to work.
1. Set up the Windows domain. On Windows 2000, use the
dcpromo
tool. On Windows 2003, install
the domain controller for Active Directory by clicking
Add or Remove Programs
and then
Add/
Remove Windows Components
.
NOTE
For more detailed information, see the appropriate Windows documentation.
2. Make sure that the Active Directory password complexity policies are enabled so that the
Password Sync
service will run.
Run
secpol.msc
, and select
Security Settings
, then
Account Policies
, and
Password Policy
.
Make sure that
Password must meet complexity requirements
is selected.
3. Set up SSL on the Active Directory server.
a. Install a certificate authority in the
Windows Components
section in
Add/Remove
Programs
.
b. Select the
Enterprise Root CA
option.
c. Reboot the Active Directory server. If IIS web services are running, the CA certificate can be
accessed by opening
http://
servername
/certsrv
.
d. Set up the Active Directory server to use the SSL server cert.
i.
Create a certificate request
.inf
, using the fully-qualified domain name of the Active
Directory as the certificate subject.
ii. Request the certificate by running the following command on the Active Directory
machine:
certreq -new request.inf request.req
iii. Submit the request to the Active Directory CA. For example:
certreq -submit request.req certnew.cer
NOTE
If the command-line tool returns an error message, then use the Web browser
to access the CA and submit the certificate request. If IIS is running, then the
CA URL is
http://
servername
/certsrv
.
Содержание DIRECTORY SERVER 8.0
Страница 18: ...xviii ...
Страница 29: ...Configuring the Directory Manager 11 6 Enter the new password and confirm it 7 Click Save ...
Страница 30: ...12 ...
Страница 112: ...94 ...
Страница 128: ...110 ...
Страница 190: ...Chapter 6 Managing Access Control 172 4 Click New to open the Access Control Editor ...
Страница 224: ...206 ...
Страница 324: ...306 ...
Страница 334: ...316 ...
Страница 358: ...340 ...
Страница 410: ...392 ...
Страница 420: ...402 ...
Страница 444: ...426 ...
Страница 454: ...436 ...
Страница 464: ...446 ...
Страница 484: ...466 ...
Страница 512: ...494 ...
Страница 522: ...504 ...