Please answer to the list.
On Fri, 30 Oct 2015, Troels Hansen wrote:
Not sure what you expect.
Modifying attributes for existing users takes time so we don't do it
automatically. When you run ipa-adtrust-install, it does ask you to run
a task that does the work of generating SIDs and adding needed
However, ipaNTHash will not be there until either of two events happens:
- user changes password;
- user authenticates with Kerberos against Samba running on IPA master.
No, I'm aware that the NTHash won't be there untill the user changes password.
I would however suppose that objectClass ipaNTUserAttrs being added and a
ipaNTSecurityIdentifier being added to all of my users.
Its added to most objects, but I still need 85 users/objects where its not
added, out of a total of ~500 (told by adtrust install script yesterday).
Its been 14 hours since I ran it, but still need the remaining, and I have no
idear why its not added.
You can check the task status.
how you can organize a task yourself or check the output from existing task.
The task that is run by the installer has DN
You can use /usr/share/ipa/ipa-sidgen-task-run.ldif as a basis to add a
/ Alexander Bokovoy
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project