On 12/01/2011 07:02 PM, Aram J. Agajanian wrote:
> On Wed, 30 Nov 2011 16:21:58 -0500
> "Aram J. Agajanian" <agaja...@cs.newpaltz.edu> wrote:
>> Is is possible to configure an AD synchronization with IPA but only
>> for existing IPA accounts?  
> If it's not possible to do this, then I'm considering an alternative
> plan for authentication.  I would have RHEVM authenticate with the
> campus AD.  The Linux workstations would authenticate with a 389 LDAP
> server which is configured for pass-through authentication to the AD
> server.
> I can learn more about IPA and perhaps deploy it over the summer.
It does it by sub-trees. So if the users that need to be synchronized
can be put into a subtree then you can do it.

Thank you,
Dmitri Pal

Sr. Engineering Manager IPA project,
Red Hat Inc.

Looking to carve out IT costs?

Freeipa-users mailing list

Reply via email to