I am wondering how one would go about allowing both ad users and FreeIPA user to work in harmony.
I recently was able to get FreeIPA to use trust to service unix systems. However, I encountered resistance as some people didn't like the long username, for example, email@example.com...@dev1.example.com. So I created local accounts and forced everyone back to FreeIPA users.
Some people didn't mind the name format and would prefer a single username everywhere. So now things are a bit cool, am investigating if these accounts can coexist and would like it to be up to the user's which account the will use
When I check id when logged in on with ad account, I don't see the group developer, but see firstname.lastname@example.org. This is a problem since I can't assign files to two groups, something I need as they have files they all have change. I also need both users to have SUDO access, this is fine as I can just duplicate SUDO commands one for developers group and another for email@example.com
How would one fix file sharing between ad and FreeIPA users?
I don't think one can put a group within another group? Or am I wrong on that? Google results seem negative
Thanks for advice
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project