On Tue, Feb 6, 2018 at 2:16 PM, Jakub Hrozek via FreeIPA-users < freeipa-users@lists.fedorahosted.org> wrote:
> > If you don't want to bother with the POSIX attributes on the AD side, > you can perhaps use ID overrides? See > https://access.redhat.com/documentation/en-us/red_hat_ > enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_ > guide/id-views > for example. > Then how do UID/GID get generated? Automatically within IPA? If so, if I first imported my existing Sun LDAP directory, I guess IPA would then auto-generate the UID/GID for new accounts subsequently found in AD, but since they existing accounts were loaded from Sun LDAP, no changes for them. > > See https://github.com/jhrozek/pam_hbac/ :) > > Oh wow, that's awesome! Thanks! :-) Amos
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
