Hi,

Yes existing IPA users....all users that are in AD lose ipausers AND any IPA 
user groups they were assigned to in IPA before the winsync takes place.

So to be clear (I hope),

After the winsync any IPA user NOT in AD stays in ipausers and their assigned 
IPA groups and works normally.

After the winsync any pre-sync user in IPA and AD loses ALL IPA user group 
membership not just ipauser....and is not working.

After the winsync any user not until then in IPA but synced over from AD does 
not end up in ipausers (which was my understanding what was meant to happen).  
That actually is no biggee...

So I lost 80% of my user setup, its a lot bigger issue than "not added to 
ipauser" group.

:(

Fortunately its a cloned virtual test bed....and not production.....ouch...

This and not bringing over all users because the user can have a sub-folder for 
mobile phone sync so gets wiped by the previous bug we discussed are total show 
stoppers for our IPA and RHEL desktop deployment,

Which seems to imply not this year? 

regards

Steven Jones

Technical Specialist - Linux RHCE

Victoria University, Wellington, NZ

0064 4 463 6272

________________________________________
From: Rich Megginson [rmegg...@redhat.com]
Sent: Friday, 28 September 2012 4:08 a.m.
To: Steven Jones
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] winsync agreement transferred users not going into 
ipausers and existing users dropped from all their groups

On 09/26/2012 03:17 PM, Steven Jones wrote:
> Is this expected?
Ticket #2324 AD Users synced to IPA server are not added to "ipausers" group
https://fedorahosted.org/freeipa/ticket/2324

By "existing users" do you mean existing users in IPA?  Are these users
synced with entries in AD?

>
> regards
>
> Steven Jones
>
> Technical Specialist - Linux RHCE
>
> Victoria University, Wellington, NZ
>
> 0064 4 463 6272
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users@redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to