Hi guys, a couple of questions about AD synchronization. I read in the guide these points: - A synchronization operation runs every five minutes. --> I read that it can be triggered on demand, but is it possibile to change the value of this frequency? - Synchronization can only be configured with one Active Directory domain. Multiple domains are not supported. --> Do they will in a future version? - While modifications are bi-directional (going both from Active Directory to FreeIPA and from FreeIPA to Active Directory), new accounts are only uni-directional. New accounts created in Active Directory are synchronized over to FreeIPA. However, user accounts created in FreeIPA must also be added in Active Directory before they will be synchronized. ---> What is the origin of this restriction? I mean, why cannot be created a user in AD by FreeIPA?
And another question, not related to the synchronization: - In the FreeIPA 389-ds I see used the "DUA Config Profile" objectClass. To learn what it is I already read RFC#4876. Now I would like to have a look at a document/draft/etc.. about his using within FreeIPA. Is it available anywhere? If no, could someone give some explanation? Thanks a lot as usual! Marco
_______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users