On 11/21/2011 11:48 AM, David Juran wrote: > Hello. > > I have a customer who is using nisNetgroups in microsoft Active > Directory to keep track of which users are allowed to access which > services. I've understood that IPA today does not sync this information > from AD, is this correct? > > What about the future, once we can have trust towards an AD? Would that > allow us to use the nisNet groups in AD for HBAC and sudo?
Trusts would not help with netgroups. I wonder if it is something that can be done via a client configuration. But also why not move netgroups into IPA? Dumping the data into LDIF, creating a script to convert it to IPA internal netgroups format and loading it is not a huge effort. > > _______________________________________________ > Freeipa-users mailing list > Freeipa-users@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-users -- Thank you, Dmitri Pal Sr. Engineering Manager IPA project, Red Hat Inc. ------------------------------- Looking to carve out IT costs? www.redhat.com/carveoutcosts/
_______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users