On 09/29/2011 02:35 PM, Steven Jones wrote:
Hi,
In the documentation it says that new accounts in AD are syncd over to freeIPA, so IPA
sets the UID as it "arrives"?
Yes. It uses the DNA plugin to assign an auto-incremented uidNumber value.
What happens if the user is an existing one and has a UID they want to retain,
does that transfer over and get used?
uidNumber from AD, or is this a case where the user already exists in
both AD and IPA?
Also how do you set permissions
What permissions? ACIs?
and groups?
Posix groups?
does the new user just go into a default group
In the ipa-winsync plugin config you tell it how to find the entry that
has the default group gidNumber to use. This should be documented
somewhere.
and then you login to freeIPA and set them up? or can you put the GIDs into AD and they get
transferred and the user put into the "right" groups" automagically?
It cannot copy the gidNumber from AD.
Looks like I can set this sort of thing "how I want" in the sync agreement?
This sort of thing should be documented in the ipa winsync documentation.
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
