On 12/01/2011 07:02 PM, Aram J. Agajanian wrote: > On Wed, 30 Nov 2011 16:21:58 -0500 > "Aram J. Agajanian" <agaja...@cs.newpaltz.edu> wrote: > >> Is is possible to configure an AD synchronization with IPA but only >> for existing IPA accounts? >> > If it's not possible to do this, then I'm considering an alternative > plan for authentication. I would have RHEVM authenticate with the > campus AD. The Linux workstations would authenticate with a 389 LDAP > server which is configured for pass-through authentication to the AD > server. > > I can learn more about IPA and perhaps deploy it over the summer. > > It does it by sub-trees. So if the users that need to be synchronized can be put into a subtree then you can do it.
-- Thank you, Dmitri Pal Sr. Engineering Manager IPA project, Red Hat Inc. ------------------------------- Looking to carve out IT costs? www.redhat.com/carveoutcosts/ _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users