[Freeipa-users] winsync: only synchronize existing user accounts?
Dmitri Pal
dpal at redhat.com
Sat Dec 3 18:50:20 UTC 2011
On 12/01/2011 07:02 PM, Aram J. Agajanian wrote:
> On Wed, 30 Nov 2011 16:21:58 -0500
> "Aram J. Agajanian" <agajania at cs.newpaltz.edu> wrote:
>
>> Is is possible to configure an AD synchronization with IPA but only
>> for existing IPA accounts?
>>
> If it's not possible to do this, then I'm considering an alternative
> plan for authentication. I would have RHEVM authenticate with the
> campus AD. The Linux workstations would authenticate with a 389 LDAP
> server which is configured for pass-through authentication to the AD
> server.
>
> I can learn more about IPA and perhaps deploy it over the summer.
>
>
It does it by sub-trees. So if the users that need to be synchronized
can be put into a subtree then you can do it.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IPA project,
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeipa-users
mailing list