>>I have already:
>>- created an IPA group called ad_users.
>>- created an IPA group called ad_users_external.
> Did you create this group with --external?
Doh! Nope, somehow I missed that. I've done that and that part is working now.
But the other part of the question remains, i.e. I'm still seeing all of our AD
users (that have UNIX attributes enabled) instead of just the ones in the AD
group that I've added.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project