diff --git a/_servicedata b/_servicedata
index 69362ea..38ee4be 100644
--- a/_servicedata
+++ b/_servicedata
@@ -1,4 +1,4 @@
 <servicedata>
 <service name="tar_scm">
                 <param name="url">https://github.com/kanidm/kanidm.git</param>
-              <param name="changesrevision">a917291ecf5b3b645d8c922d327d835198f71e94</param></service></servicedata>
\ No newline at end of file
+              <param name="changesrevision">6fb4fac5d0e27131a06e6ae0451064f0ec1aa1bb</param></service></servicedata>
\ No newline at end of file
diff --git a/kanidm-1.1.0~rc16~git1.a917291.tar.zst b/kanidm-1.1.0~rc16~git1.a917291.tar.zst
deleted file mode 100644
index 239a644..0000000
--- a/kanidm-1.1.0~rc16~git1.a917291.tar.zst
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:cb5ef9fa15e52e977b6b44f7568fe2559b6d2f04f688b2dfe14d61fcbcb8888f
-size 9290753
diff --git a/kanidm-1.1.0~rc16~git2.6fb4fac.tar.zst b/kanidm-1.1.0~rc16~git2.6fb4fac.tar.zst
new file mode 100644
index 0000000..04e16af
--- /dev/null
+++ b/kanidm-1.1.0~rc16~git2.6fb4fac.tar.zst
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:7f66c5c99d787e4828064e78cce5edb9610a44375c145225411a479efdf5a802
+size 9291943
diff --git a/kanidm.changes b/kanidm.changes
index 1662398..5a5e85b 100644
--- a/kanidm.changes
+++ b/kanidm.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Tue Feb 20 04:31:01 UTC 2024 - william.brown@suse.com
+
+- Add ipa-sync service
+- Update to version 1.1.0~rc16~git2.6fb4fac:
+  * List of supported features (#2499)
+
 -------------------------------------------------------------------
 Wed Feb 07 05:35:09 UTC 2024 - william.brown@suse.com
 
diff --git a/kanidm.spec b/kanidm.spec
index c816653..afce9a3 100644
--- a/kanidm.spec
+++ b/kanidm.spec
@@ -16,8 +16,11 @@
 #
 
 
+%define kanidm_profile release_suse_generic
+%define configdir %{_sysconfdir}/kanidm
+
 Name:           kanidm
-Version:        1.1.0~rc16~git1.a917291
+Version:        1.1.0~rc16~git2.6fb4fac
 Release:        0
 Summary:        A identity management service and clients.
 License:        ( Apache-2.0 OR BSL-1.0 ) AND ( Apache-2.0 OR ISC OR MIT ) AND ( Apache-2.0 OR MIT ) AND ( Apache-2.0 WITH LLVM-exception OR Apache-2.0 OR MIT ) AND ( CC0-1.0 OR Apache-2.0 ) AND ( MIT OR Apache-2.0 OR Zlib ) AND ( Unlicense OR MIT ) AND ( Zlib OR Apache-2.0 OR MIT ) AND Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND CC0-1.0 AND ISC AND MIT AND MPL-2.0 AND MPL-2.0+
@@ -25,35 +28,37 @@ URL:            https://github.com/Firstyear/kanidm
 Source:         kanidm-%{version}.tar.zst
 Source1:        vendor.tar.zst
 
-BuildRequires:  cargo >= 1.69.0
+BuildRequires:  cargo-packaging
+%if 0%{?is_opensuse}
+BuildRequires:  llvm-clang >= 13
+%else
+# Sle is missing these provides.
+BuildRequires:  clang15
+%endif
 BuildRequires:  libselinux-devel
 BuildRequires:  libudev-devel
 BuildRequires:  pam-devel
+BuildRequires:  rust >= 1.69.0
 BuildRequires:  sqlite-devel
-BuildRequires:  zstd
+%if 0%{?rhel} > 7 || 0%{?fedora}
+BuildRequires:  tpm2-tss-devel
+%else
+BuildRequires:  tpm2-0-tss-devel
+# BuildRequires:  tpm2-openssl
+%endif
 
 %if 0%{?rhel} > 7 || 0%{?fedora}
-BuildRequires:  clang
 BuildRequires:  openssl-devel
 BuildRequires:  systemd
 %{?systemd_requires}
 %else
-# We have to special case this because rhel/fedora will never get cargo-packaging.
-BuildRequires:  cargo-packaging
 BuildRequires:  libopenssl-3-devel
-BuildRequires:  llvm-clang >= 13
-BuildRequires:  tpm2-0-tss-devel
-# BuildRequires:  tpm2-openssl
 %endif
 
 Requires:       %{name}-clients
 Requires:       %{name}-unixd-clients
 
-%if 0%{?rhel} > 7 || 0%{?fedora}
-ExclusiveArch:  x86_64 aarch64
-%else
 ExclusiveArch:  %{rust_tier1_arches}
-%endif
 
 %description
 An identity management platform written in rust that supports RADIUS, SSH Key management
@@ -78,8 +83,13 @@ Server for kanidm providing the main authentication and identity service
 Summary:        Client nsswitch/pam/ssh integration for consuming kanidm
 License:        MPL-2.0
 Requires:       %{name}-clients
+%if 0%{?rhel} > 7 || 0%{?fedora}
+Requires:       tpm2-tools
+Requires:       tpm2-tss
+%else
 Requires:       system-user-tss
 Requires:       tpm2.0-tools
+%endif
 
 %description unixd-clients
 A localhost resolver and libraries that allow a system to resolve posix
@@ -92,34 +102,24 @@ License:        MPL-2.0
 %description docs
 Documentation for using and configuring Kanidm.
 
-%define configdir %{_sysconfdir}/%{name}
-
 %prep
-%setup -q
-%setup -qa1
+%setup -q -n kanidm-%{version} -a 0
+%setup -q -n kanidm-%{version} -a 1 -D -T
 
 # Remove exec bits to prevent an issue in fedora shebang checking
 find vendor -type f -name \*.rs -exec chmod -x '{}' \;
 
 %build
 # Set our build profile, this will autodetect our cpu flags
-export KANIDM_BUILD_PROFILE=release_suse_generic
+export KANIDM_BUILD_PROFILE=%{kanidm_profile}
 # Show linking info for debugging
 # export RUSTC_LOG='rustc_codegen_ssa::back::link=info'
 # Dump the target features of this cpu.
 rustc --print target-cpus
-
-%if 0%{?rhel} > 7 || 0%{?fedora}
-# Do a basic build on fedora/rhel
-cargo build --offline --release --features=kanidm_unix_int/selinux
-%else
 # Override buildflags, we want to use clang + lld here. It's much better/faster than bfd.
 %define build_rustflags -C linker=clang -C link-arg=-fuse-ld=/usr/lib/rustlib/%{_arch}-unknown-linux-gnu/bin/gcc-ld/ld.lld -C debuginfo=2 -C incremental=false
 
-# --features=kanidm_unix_int/tpm,kanidm_unix_int/selinux
-
-%{cargo_build} --features=kanidm_unix_int/selinux
-%endif
+%{cargo_build} --features=kanidm_unix_int/tpm,kanidm_unix_int/selinux
 
 %install
 install -D -d -m 0755 %{buildroot}%{_sysconfdir}
@@ -130,7 +130,6 @@ install -D -d -m 0755 %{buildroot}%{_unitdir}
 install -D -d -m 0755 %{buildroot}%{_sbindir}
 install -D -d -m 0755 %{buildroot}%{_bindir}
 install -D -d -m 0755 %{buildroot}%{_libdir}
-
 %if 0%{?suse_version} > 1549
 install -D -d -m 0755 %{buildroot}/%{_pam_moduledir}
 %else
@@ -140,40 +139,42 @@ install -D -d -m 0755 %{buildroot}%{_datadir}/kanidm
 install -D -d -m 0755 %{buildroot}%{_datadir}/kanidm/docs/
 install -D -d -m 0755 %{buildroot}%{_datadir}/kanidm/ui/
 
-install -m 0755 %{_builddir}/%{name}-%{version}/target/release/kanidmd %{buildroot}%{_sbindir}/kanidmd
-install -m 0755 %{_builddir}/%{name}-%{version}/target/release/kanidm %{buildroot}%{_bindir}/kanidm
-install -m 0755 %{_builddir}/%{name}-%{version}/target/release/kanidm-unix %{buildroot}%{_sbindir}/kanidm-unix
-install -m 0755 %{_builddir}/%{name}-%{version}/target/release/kanidm_ssh_authorizedkeys %{buildroot}%{_sbindir}/kanidm_ssh_authorizedkeys
-install -m 0755 %{_builddir}/%{name}-%{version}/target/release/kanidm_ssh_authorizedkeys_direct %{buildroot}%{_sbindir}/kanidm_ssh_authorizedkeys_direct
-install -m 0755 %{_builddir}/%{name}-%{version}/target/release/kanidm_unixd %{buildroot}%{_sbindir}/kanidm_unixd
-install -m 0755 %{_builddir}/%{name}-%{version}/target/release/kanidm_unixd_tasks %{buildroot}%{_sbindir}/kanidm_unixd_tasks
-install -m 0644 %{_builddir}/%{name}-%{version}/target/release/libnss_kanidm.so %{buildroot}%{_libdir}/libnss_kanidm.so.2
-
+install -m 0755 %{_builddir}/kanidm-%{version}/target/release/kanidmd %{buildroot}%{_sbindir}/kanidmd
+install -m 0755 %{_builddir}/kanidm-%{version}/target/release/kanidm %{buildroot}%{_bindir}/kanidm
+install -m 0755 %{_builddir}/kanidm-%{version}/target/release/kanidm-ipa-sync %{buildroot}%{_sbindir}/kanidm-ipa-sync
+install -m 0755 %{_builddir}/kanidm-%{version}/target/release/kanidm-ldap-sync %{buildroot}%{_sbindir}/kanidm-ldap-sync
+install -m 0755 %{_builddir}/kanidm-%{version}/target/release/kanidm-unix %{buildroot}%{_sbindir}/kanidm-unix
+install -m 0755 %{_builddir}/kanidm-%{version}/target/release/kanidm_ssh_authorizedkeys %{buildroot}%{_sbindir}/kanidm_ssh_authorizedkeys
+install -m 0755 %{_builddir}/kanidm-%{version}/target/release/kanidm_ssh_authorizedkeys_direct %{buildroot}%{_sbindir}/kanidm_ssh_authorizedkeys_direct
+install -m 0755 %{_builddir}/kanidm-%{version}/target/release/kanidm_unixd %{buildroot}%{_sbindir}/kanidm_unixd
+install -m 0755 %{_builddir}/kanidm-%{version}/target/release/kanidm_unixd_tasks %{buildroot}%{_sbindir}/kanidm_unixd_tasks
+install -m 0644 %{_builddir}/kanidm-%{version}/target/release/libnss_kanidm.so %{buildroot}%{_libdir}/libnss_kanidm.so.2
 %if 0%{?suse_version} > 1549
-install -m 0644 %{_builddir}/%{name}-%{version}/target/release/libpam_kanidm.so %{buildroot}/%{_pam_moduledir}/pam_kanidm.so
+install -m 0644 %{_builddir}/kanidm-%{version}/target/release/libpam_kanidm.so %{buildroot}/%{_pam_moduledir}/pam_kanidm.so
 %else
-install -m 0644 %{_builddir}/%{name}-%{version}/target/release/libpam_kanidm.so %{buildroot}/%_lib/security/pam_kanidm.so
+install -m 0644 %{_builddir}/kanidm-%{version}/target/release/libpam_kanidm.so %{buildroot}/%_lib/security/pam_kanidm.so
 %endif
 
-install -m 0644 %{_builddir}/%{name}-%{version}/platform/opensuse/kanidmd.service %{buildroot}%{_unitdir}/kanidmd.service
-install -m 0644 %{_builddir}/%{name}-%{version}/platform/opensuse/kanidm-unixd.service %{buildroot}%{_unitdir}/kanidm-unixd.service
-install -m 0644 %{_builddir}/%{name}-%{version}/platform/opensuse/kanidm-unixd-tasks.service %{buildroot}%{_unitdir}/kanidm-unixd-tasks.service
-install -m 0644 %{_builddir}/%{name}-%{version}/examples/server.toml %{buildroot}%{configdir}/server.toml
+install -m 0644 %{_builddir}/kanidm-%{version}/platform/opensuse/kanidmd.service %{buildroot}%{_unitdir}/kanidmd.service
+install -m 0644 %{_builddir}/kanidm-%{version}/platform/opensuse/kanidm-unixd.service %{buildroot}%{_unitdir}/kanidm-unixd.service
+install -m 0644 %{_builddir}/kanidm-%{version}/platform/opensuse/kanidm-unixd-tasks.service %{buildroot}%{_unitdir}/kanidm-unixd-tasks.service
+install -m 0644 %{_builddir}/kanidm-%{version}/platform/opensuse/kanidm-ipa-sync.service %{buildroot}%{_unitdir}/kanidm-ipa-sync.service
+install -m 0644 %{_builddir}/kanidm-%{version}/examples/server.toml %{buildroot}%{configdir}/server.toml
 
-install -m 0755 %{_builddir}/%{name}-%{version}/target/release/build/completions/_kanidmd   %{buildroot}%{_sysconfdir}/zsh_completion.d/_kanidmd
-install -m 0755 %{_builddir}/%{name}-%{version}/target/release/build/completions/_kanidm   %{buildroot}%{_sysconfdir}/zsh_completion.d/_kanidm
-install -m 0755 %{_builddir}/%{name}-%{version}/target/release/build/completions/_kanidm_ssh_authorizedkeys_direct   %{buildroot}%{_sysconfdir}/zsh_completion.d/_kanidm_ssh_authorizedkeys_direct
-install -m 0755 %{_builddir}/%{name}-%{version}/target/release/build/completions/_kanidm_unix   %{buildroot}%{_sysconfdir}/zsh_completion.d/_kanidm_unix
-install -m 0755 %{_builddir}/%{name}-%{version}/target/release/build/completions/_kanidm_ssh_authorizedkeys   %{buildroot}%{_sysconfdir}/zsh_completion.d/_kanidm_ssh_authorizedkeys
+install -m 0755 %{_builddir}/kanidm-%{version}/target/release/build/completions/_kanidmd   %{buildroot}%{_sysconfdir}/zsh_completion.d/_kanidmd
+install -m 0755 %{_builddir}/kanidm-%{version}/target/release/build/completions/_kanidm   %{buildroot}%{_sysconfdir}/zsh_completion.d/_kanidm
+install -m 0755 %{_builddir}/kanidm-%{version}/target/release/build/completions/_kanidm_ssh_authorizedkeys_direct   %{buildroot}%{_sysconfdir}/zsh_completion.d/_kanidm_ssh_authorizedkeys_direct
+install -m 0755 %{_builddir}/kanidm-%{version}/target/release/build/completions/_kanidm_unix   %{buildroot}%{_sysconfdir}/zsh_completion.d/_kanidm_unix
+install -m 0755 %{_builddir}/kanidm-%{version}/target/release/build/completions/_kanidm_ssh_authorizedkeys   %{buildroot}%{_sysconfdir}/zsh_completion.d/_kanidm_ssh_authorizedkeys
 
-install -m 0755 %{_builddir}/%{name}-%{version}/target/release/build/completions/kanidmd.bash %{buildroot}%{_sysconfdir}/bash_completion.d/kanidmd.sh
-install -m 0755 %{_builddir}/%{name}-%{version}/target/release/build/completions/kanidm.bash %{buildroot}%{_sysconfdir}/bash_completion.d/kanidm.sh
-install -m 0755 %{_builddir}/%{name}-%{version}/target/release/build/completions/kanidm_ssh_authorizedkeys_direct.bash %{buildroot}%{_sysconfdir}/bash_completion.d/kanidm_ssh_authorizedkeys_direct.sh
-install -m 0755 %{_builddir}/%{name}-%{version}/target/release/build/completions/kanidm_unix.bash %{buildroot}%{_sysconfdir}/bash_completion.d/kanidm_unix.sh
-install -m 0755 %{_builddir}/%{name}-%{version}/target/release/build/completions/kanidm_ssh_authorizedkeys.bash %{buildroot}%{_sysconfdir}/bash_completion.d/kanidm_ssh_authorizedkeys.sh
+install -m 0755 %{_builddir}/kanidm-%{version}/target/release/build/completions/kanidmd.bash %{buildroot}%{_sysconfdir}/bash_completion.d/kanidmd.sh
+install -m 0755 %{_builddir}/kanidm-%{version}/target/release/build/completions/kanidm.bash %{buildroot}%{_sysconfdir}/bash_completion.d/kanidm.sh
+install -m 0755 %{_builddir}/kanidm-%{version}/target/release/build/completions/kanidm_ssh_authorizedkeys_direct.bash %{buildroot}%{_sysconfdir}/bash_completion.d/kanidm_ssh_authorizedkeys_direct.sh
+install -m 0755 %{_builddir}/kanidm-%{version}/target/release/build/completions/kanidm_unix.bash %{buildroot}%{_sysconfdir}/bash_completion.d/kanidm_unix.sh
+install -m 0755 %{_builddir}/kanidm-%{version}/target/release/build/completions/kanidm_ssh_authorizedkeys.bash %{buildroot}%{_sysconfdir}/bash_completion.d/kanidm_ssh_authorizedkeys.sh
 
-cp -r %{_builddir}/%{name}-%{version}/book/src/ %{buildroot}%{_datadir}/kanidm/docs/
-cp -r %{_builddir}/%{name}-%{version}/server/web_ui/pkg %{buildroot}%{_datadir}/kanidm/ui/pkg
+cp -r %{_builddir}/kanidm-%{version}/book/src/ %{buildroot}%{_datadir}/kanidm/docs/
+cp -r %{_builddir}/kanidm-%{version}/server/web_ui/pkg %{buildroot}%{_datadir}/kanidm/ui/pkg
 
 ## End install
 
@@ -182,6 +183,7 @@ cp -r %{_builddir}/%{name}-%{version}/server/web_ui/pkg %{buildroot}%{_datadir}/
 
 %pre server
 %service_add_pre kanidmd.service
+%service_add_pre kanidm-ipa-sync.service
 %endif
 
 %if 0%{?rhel} > 7 || 0%{?fedora}
@@ -189,6 +191,7 @@ cp -r %{_builddir}/%{name}-%{version}/server/web_ui/pkg %{buildroot}%{_datadir}/
 
 %post server
 %service_add_post kanidmd.service
+%service_add_post kanidm-ipa-sync.service
 %endif
 
 %if 0%{?rhel} > 7 || 0%{?fedora}
@@ -196,6 +199,7 @@ cp -r %{_builddir}/%{name}-%{version}/server/web_ui/pkg %{buildroot}%{_datadir}/
 
 %preun server
 %service_del_preun kanidmd.service
+%service_del_preun kanidm-ipa-sync.service
 %endif
 
 %if 0%{?rhel} > 7 || 0%{?fedora}
@@ -203,6 +207,7 @@ cp -r %{_builddir}/%{name}-%{version}/server/web_ui/pkg %{buildroot}%{_datadir}/
 
 %postun server
 %service_del_postun kanidmd.service
+%service_del_postun kanidm-ipa-sync.service
 %endif
 
 %if 0%{?rhel} > 7 || 0%{?fedora}
@@ -252,7 +257,10 @@ cp -r %{_builddir}/%{name}-%{version}/server/web_ui/pkg %{buildroot}%{_datadir}/
 
 %files server
 %{_sbindir}/kanidmd
+%{_sbindir}/kanidm-ipa-sync
+%{_sbindir}/kanidm-ldap-sync
 %{_unitdir}/kanidmd.service
+%{_unitdir}/kanidm-ipa-sync.service
 %dir %{_datadir}/kanidm
 %dir %{_datadir}/kanidm/ui
 %dir %{_datadir}/kanidm/ui/pkg
diff --git a/vendor.tar.zst b/vendor.tar.zst
index deb9969..d5b72a1 100644
--- a/vendor.tar.zst
+++ b/vendor.tar.zst
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:5db0c88efe5d5ad4da9ed09732283ff34bfab7840370de1691d093a9b6aae094
-size 63147736
+oid sha256:8d705d143c3aa1962f74ec882352e9cbc83c9c7b3b63b94bf2b2d6d9982756ce
+size 63149528