We’re using IPA Server 4.1.0-18. We have a trust between IPA and AD with SID 
mapping. In our setup, AD would be example.com and IPA would be say 

I’m having some issues configuring both RHEL5 and AIX to work with the compat 
tree. In both cases, kerberos works with IPA and AD users but LDAP only works 
with IPA users and not AD users.

Should AD users be returned if I search uid=AD_user under 
cn=users,cn=compat,dc=ipa,dc=example,dc=com? Is this where my RHEL5 and AIX 
clients should be searching? I’m not getting any matches and I’ve verified that 
the compat plugin is enabled on our servers. I need a little more to go on as 
far as if I’m looking in the wrong sub-tree or going about this the wrong way.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to