Am Thu, Sep 30, 2021 at 03:41:12PM -0000 schrieb Kurt Stine: > I was told this would be a better place than github issues. > > We're moving from an ldap environment to an AD environment. This means we > have a large amount of users who are still linked with their original ldap > UIDs. Unfortunately, changing the UIDs to the automatically assigned AD UIDs > is not an option. Is there a way for SSSD to both inherit a UID if it exists > or create its own if it doesn't? Also, is it possible to sync AD groups as > well? > > Right now we have this: > #ldap_id_mapping = True > ldap_user_uid_number = uidNumber > ldap_user_gid_number = gidNumber > > Unfortunately, even removing the last line doesn't sync AD groups. Are there > any options to sync them?
Hi, as Alexey said in https://github.com/SSSD/sssd/issues/5800 SSSD offers the override feature for this. You can import multiple overrides at once with 'sss_override user-import ...' or 'sss_override group-import ...'. If you are using a configuration management tool like ansible, puppet, cfengine etc you can distribute a file with the overrides to all affected systems and all 'sss_override'. HTH bye, Sumit > > Thanks, > Kurt > _______________________________________________ > sssd-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
