Thans!
22.11.2017, 15:39, "Alexander Bokovoy" <aboko...@redhat.com>: > On ke, 22 marras 2017, Николай Савельев via FreeIPA-users wrote: >>> I think the better reference in the documentation is >>> >>> https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/windows_integration_guide/trust-legacy >>> >>> If there is a trust to an AD forest and 'ipa-adtrust-install >>> --enable-compat' was called. there will be a special sub-tree in >>> FreeIPA's LDAP tree cn=compat,dc=ipa,dc=domain. AD user can be searched >>> in this sub-tree and if the user was found you can the the DN of the >>> user to bind to FreeIPA's LDAP server with the AD password. >>> >>> Btw, I guess Owncloud supports PAM authentication as well, in this case >>> you can just configure Owncloud's PAM module to use SSSD on an IPA >>> client and SSSD will do the authentication of AD users for you. >>> >>> HTH >>> >>> bye, >>> Sumit >>> >>>> rob >> >> I did 'ipa-adtrust-install --enable-compat' >> But in cn=compat,dc=test,dc=loc are only IPA users >> How can I insert AD users in cn=compat,dc=test,dc=loc? > > By using LDAP queries as described in RFC2307. AD users should be > specified in fully-qualified name format. > > -- > / Alexander Bokovoy -- С уважением, Николай. _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org