Jim Kilborn via FreeIPA-users wrote: > We have migrated our AD users to a new domain (ie example.com -> > examplenew.com) > and I now need to change our IPA AD sync replication to use the new > domain. I can remove the old replication agreement and create the new > one, but my question is what happens to the users accounts. The AD > usernames didnt change during the migration, but the SID will be > different due to it being a new account in a new domain. Will IPA just > associated that username with the one already in IPA, or will it try > to create another account with a different UID/GID in ipa?
I'm honestly not sure what will happen. I suspect it will associate the user with the existing on in IPA, but otherwise not change anything. So it won't see the new SID, for example. But I really don't know. This is not something that we on the IPA team tested at all. cc'ing a 389 developer to see what they think. rob _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
