22.11.2017, 15:39, "Alexander Bokovoy" <>:
> On ke, 22 marras 2017, Николай Савельев via FreeIPA-users wrote:
>>>  I think the better reference in the documentation is
>>>  If there is a trust to an AD forest and 'ipa-adtrust-install
>>>  --enable-compat' was called. there will be a special sub-tree in
>>>  FreeIPA's LDAP tree cn=compat,dc=ipa,dc=domain. AD user can be searched
>>>  in this sub-tree and if the user was found you can the the DN of the
>>>  user to bind to FreeIPA's LDAP server with the AD password.
>>>  Btw, I guess Owncloud supports PAM authentication as well, in this case
>>>  you can just configure Owncloud's PAM module to use SSSD on an IPA
>>>  client and SSSD will do the authentication of AD users for you.
>>>  HTH
>>>  bye,
>>>  Sumit
>>>>   rob
>> I did 'ipa-adtrust-install --enable-compat'
>> But in cn=compat,dc=test,dc=loc are only IPA users
>> How can I insert AD users in cn=compat,dc=test,dc=loc?
> By using LDAP queries as described in RFC2307. AD users should be
> specified in fully-qualified name format.
> --
> / Alexander Bokovoy

С уважением, Николай.
FreeIPA-users mailing list --
To unsubscribe send an email to

Reply via email to