On Thu, 2012-05-10 at 09:27 -0700, Brian Cook wrote: > THe problem with the cross realm trust support as I understand it is > that it requires you to populate posix attributes in AD, which many AD > admins are hesitant to do. You have to install the AD services for > unix pack and create metadata object in the directory for tracking UID > and GID and then manage users via the ADSFU snap in. I have run in to > significant resistance to this and the Linux guys usually do not have > access.
Sorry Brian but this is not true at all. We perform SID mapping in case of Forest Trusts with AD. Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-users mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-users