Edouard Guigné wrote: > Hello Rob, > > Thank you for your answer. > Do you mean it should already work ? > Or I have to do this on the FreeIPA server : > > |rm /etc/dirsrv/slapd-INSTNAME/schema/10rfc2307.ldif > cp /usr/share/dirsrv/data/10rfc2307bis.ldif /etc/dirsrv/slapd-INSTNAME/schema
Sorry, I guess I was a little terse. The nisDomain is already defined for IPA so you can skip that bit. The Posix Winsync Plugin is disabled by default. You'll need to enable it and configure it to match your environment. See the wiki page for configuration details. You can either enable and configure it online by using ldapmodify and binding as the Directory Manager or by shutting down 389-ds and modifying dse.ldif, then restarting it (or use a tool like Apache Directory Studio). rob > > > | > > Best Regards, have a nice we. > Ed > > Le 31/10/2014 16:04, Rob Crittenden a écrit : >> Edouard Guigné wrote: >>> Hello freeipa Users, >>> >>> I am working on a sync agreement between AD server -> FreeIPA server >>> (fedora 20) >>> >>> I follow the documentation, my sync works beetwen AD -> FreeIPA with >>> "ipa-replica-manage connect --winsync ..." >>> >>> However, I would like to extract attributes from my AD like : >>> - uidNumber >>> - gidNumber >>> - unixHomeDirectory >>> - loginShell >>> - msSFU30NisDomain >>> My AD server is 2008 R2 with with Subsystem for UNIX-based Applications. >>> >>> I would like rerieve these attributes in my freeipa server after sync. >>> >>> I had a look on google, and find informations like this : >>> https://docs.fedoraproject.org/en-US/Fedora/15/html/FreeIPA_Guide/managing-sync-agmt.html#tab.sync-agmt-attrs >>> >>> But I did not succeed with it. >>> >>> May someone help me ? >>> >> It should already work: >> >> http://www.port389.org/docs/389ds/design/winsync-posix.html >> >> rob >> >> >> > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
