[Freeipa-users] syncing users more not limited to a subtree
David Juran
djuran at redhat.com
Wed Feb 15 07:39:17 UTC 2012
On tis, 2012-02-14 at 17:50 -0500, Rob Crittenden wrote:
> >>>
> >> I don't think so, but can you provide some examples?
> >
> > If I understand the customers use-case correctly (and this is quite a
> > disclaimer) they have _most_ of their users in one sub-tree in AD but
> > also some users spread out all over the AD.
> > So I gather that I really should sync the entire AD. Or that I
> > _possibly_ could specify multiple sub-trees to sync, but still only on a
> > subtree level and not individual users to sync. Or that I really should
> > wait for the trust-to-AD feature to be ready... Is that correct?
>
> How would they identify which users they would want sync'd? Is this
> something we'd be able to build a filter on (not that we actually
> provide a configurable filter right now)?
I'll check that, but won't all of this become moot once we can trust an
AD domain?
If this filtering would become a show-stopper I'll get back to you, but
if schedule permits, I'd rather wait for the trust feature rather then
develop a new feature for this.
--
David Juran
Sr. Consultant
Red Hat
+46-725-345801
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120215/957ee48d/attachment.sig>
More information about the Freeipa-users
mailing list