While that is definitely *a* convention, it's not the one we've used which puts users by default in shared groups (nwra, visitors, etc). For example:
uid=2941(user) gid=1991(nwra) We may be fine changing conventions, but I'm researching whether or not we have to. Thanks. On 08/24/2016 11:19 AM, Justin Stephenson wrote: > Could you please explain further what you are trying to accomplish with an AD > trust default group? I believe we are following the standard linux convention > of creating a user private group using the ID number which matches the uid > number for AD trust users. > > Kind regards, > > Justin Stephenson > > > On 08/23/2016 06:27 PM, Orion Poplawski wrote: >> Is there any way to control the default gid for AD trust users? At the >> moment >> each user has it's own default group, e.g.: >> >> uid=22603(user@ad.domain) gid=22603(user@ad.domain) >> >> It would be nice to be able to set this to an actual group. >> >> Thanks. >> > -- Orion Poplawski Technical Manager 303-415-9701 x222 NWRA, Boulder/CoRA Office FAX: 303-415-9702 3380 Mitchell Lane or...@nwra.com Boulder, CO 80301 http://www.nwra.com -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project