[Freeipa-users] Questions about AD Synchronization
Marco Pizzoli
marco.pizzoli at gmail.com
Sun Feb 12 20:49:56 UTC 2012
Hi guys,
a couple of questions about AD synchronization.
I read in the guide these points:
- A synchronization operation runs every five minutes. --> I read that it
can be triggered on demand, but is it possibile to change the value of this
frequency?
- Synchronization can only be configured with one Active Directory domain.
Multiple domains are not supported. --> Do they will in a future version?
- While modifications are bi-directional (going both from Active Directory
to FreeIPA and from FreeIPA to Active Directory), new accounts are only
uni-directional. New accounts created in Active Directory are synchronized
over to FreeIPA. However, user accounts created in FreeIPA must also be
added in Active Directory before they will be synchronized.
---> What is the origin of this restriction? I mean, why cannot be
created a user in AD by FreeIPA?
And another question, not related to the synchronization:
- In the FreeIPA 389-ds I see used the "DUA Config Profile" objectClass. To
learn what it is I already read RFC#4876. Now I would like to have a look
at a document/draft/etc.. about his using within FreeIPA. Is it available
anywhere? If no, could someone give some explanation?
Thanks a lot as usual!
Marco
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120212/e1e4e669/attachment.htm>
More information about the Freeipa-users
mailing list