‎Hi guys,

I am wondering how one would go about allowing both ad users and FreeIPA user to work in harmony. 

I recently was able to get FreeIPA to use trust to service unix systems. However, I encountered resistance as some people didn't like the long username, for example, username@domain.lo...@dev1.example.com. ‎ So I created local accounts and forced everyone back to FreeIPA users.

Some people didn't mind the name format and would prefer a single username everywhere. So now things are a bit cool, am investigating if these accounts can coexist and would like it to be up to the user's which account the will use

When I check id when logged in on with ad account, I don't â€Ž see the group developer, but see developers@example.local. This is a problem since I can't assign files to two groups, something I need as they have files they all have change. I also need both users to have SUDO access, this is fine as I can just duplicate SUDO commands one for developers group and another for developers@example.local


How would one fix file sharing between ad and FreeIPA users? 

I don't think one can put a group within another group? Or am I wrong on that? Google results seem negative 

Thanks for advice

William

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Reply via email to