On 02/25/2015 01:22 PM, Hugh wrote:
On 2/25/2015 11:02 AM, Dmitri Pal wrote:
But let us step back and ask the question why do you need to create the
users you sync manually first?
The users in a specific OU will be synced anyways without you manually
creating them in IPA.
So this is unclear why the whole thing is actually needed.
What we'd like to do is have admins create users in IPA via the web
interface (or CLI, if they're so inclined) and add them to an IPA group
then have those users synched over to our AD environment, so those users
can log into their Windows workstations. We'd like to avoid duplicate or
unnecessary effort in terms of creating users. More steps to a process =
more likelihood of mistakes.

We'd like to create the users in IPA so that we're consistent in
everyone using the IPA web interface to manage their user accounts.



Will all users created via IPA interface synched to AD?
Is there any harm to make all users be created with the attributes mentioned earlier in this thread?

Thank you,
Dmitri Pal

Sr. Engineering Manager IdM portfolio
Red Hat, Inc.

Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project

Reply via email to