On Thu, 2012-05-10 at 09:27 -0700, Brian Cook wrote:
> THe problem with the cross realm trust support as I understand it is
> that it requires you to populate posix attributes in AD, which many AD
> admins are hesitant to do. You have to install the AD services for
> unix pack and create metadata object in the directory for tracking UID
> and GID and then manage users via the ADSFU snap in. I have run in to
> significant resistance to this and the Linux guys usually do not have
Sorry Brian but this is not true at all.
We perform SID mapping in case of Forest Trusts with AD.
Simo Sorce * Red Hat, Inc * New York
Freeipa-users mailing list