Thank you for the clear explanation Sumit. I thought i can avoid id-override
(for some issues which I will highlight on a new thread) , but I'll try to
configure and see how reliable it will be in my environment.
___
FreeIPA-users mailing list --
Am Fri, May 07, 2021 at 04:11:33PM - schrieb iulian roman via FreeIPA-users:
> Yes, it is correct and this is exactly what I observed in the tests
> (if ipa-ad-trust-posix is not mentioned, the uidNumber and gidNumber
> are ignored) and the one within the range is generated.
> The situation I
roup_name_external --external
> 'corp-ad-domain.com\groupName' # just hit enter the prompts for this last
> command.
>
> -David
>
> From: Florence Renaud via FreeIPA-users
> Reply-To: FreeIPA users list
> Date: Friday, May 7, 2021 at 10:45 To:
> FreeIPA users list Cc:
Yes, it is correct and this is exactly what I observed in the tests (if
ipa-ad-trust-posix is not mentioned, the uidNumber and gidNumber are ignored)
and the one within the range is generated.
The situation I have in AD is a "mix" of users without those attributes and
with. If I configure the
ence Renaud
Subject: [Freeipa-users] Re: posix and non-posix AD users
Hi,when a trust is established with posix range type, the users need to have uidNumber and gidNumber set on AD side.If you want IdM to generate uid and gid, the range type has to be ipa-ad-trust instead of ipa-ad-trust-posix b
Hi,
when a trust is established with posix range type, the users need to have
uidNumber and gidNumber set on AD side.
If you want IdM to generate uid and gid, the range type has to be
ipa-ad-trust instead of ipa-ad-trust-posix but I believe the posix
attributes of the AD entries won't be taken