Hi, Yes existing IPA users....all users that are in AD lose ipausers AND any IPA user groups they were assigned to in IPA before the winsync takes place.
So to be clear (I hope), After the winsync any IPA user NOT in AD stays in ipausers and their assigned IPA groups and works normally. After the winsync any pre-sync user in IPA and AD loses ALL IPA user group membership not just ipauser....and is not working. After the winsync any user not until then in IPA but synced over from AD does not end up in ipausers (which was my understanding what was meant to happen). That actually is no biggee... So I lost 80% of my user setup, its a lot bigger issue than "not added to ipauser" group. :( Fortunately its a cloned virtual test bed....and not production.....ouch... This and not bringing over all users because the user can have a sub-folder for mobile phone sync so gets wiped by the previous bug we discussed are total show stoppers for our IPA and RHEL desktop deployment, Which seems to imply not this year? regards Steven Jones Technical Specialist - Linux RHCE Victoria University, Wellington, NZ 0064 4 463 6272 ________________________________________ From: Rich Megginson [rmegg...@redhat.com] Sent: Friday, 28 September 2012 4:08 a.m. To: Steven Jones Cc: firstname.lastname@example.org Subject: Re: [Freeipa-users] winsync agreement transferred users not going into ipausers and existing users dropped from all their groups On 09/26/2012 03:17 PM, Steven Jones wrote: > Is this expected? Ticket #2324 AD Users synced to IPA server are not added to "ipausers" group https://fedorahosted.org/freeipa/ticket/2324 By "existing users" do you mean existing users in IPA? Are these users synced with entries in AD? > > regards > > Steven Jones > > Technical Specialist - Linux RHCE > > Victoria University, Wellington, NZ > > 0064 4 463 6272 > > _______________________________________________ > Freeipa-users mailing list > Freeipaemail@example.com > https://www.redhat.com/mailman/listinfo/freeipa-users _______________________________________________ Freeipa-users mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-users