On 12/01/2011 07:02 PM, Aram J. Agajanian wrote:
> On Wed, 30 Nov 2011 16:21:58 -0500
> "Aram J. Agajanian" <agaja...@cs.newpaltz.edu> wrote:
>> Is is possible to configure an AD synchronization with IPA but only
>> for existing IPA accounts?
> If it's not possible to do this, then I'm considering an alternative
> plan for authentication. I would have RHEVM authenticate with the
> campus AD. The Linux workstations would authenticate with a 389 LDAP
> server which is configured for pass-through authentication to the AD
> I can learn more about IPA and perhaps deploy it over the summer.
It does it by sub-trees. So if the users that need to be synchronized
can be put into a subtree then you can do it.
Sr. Engineering Manager IPA project,
Red Hat Inc.
Looking to carve out IT costs?
Freeipa-users mailing list