[Freeipa-users] proxy with Active Directory
Simo Sorce
simo at redhat.com
Thu May 10 16:33:33 UTC 2012
On Thu, 2012-05-10 at 09:27 -0700, Brian Cook wrote:
> THe problem with the cross realm trust support as I understand it is
> that it requires you to populate posix attributes in AD, which many AD
> admins are hesitant to do. You have to install the AD services for
> unix pack and create metadata object in the directory for tracking UID
> and GID and then manage users via the ADSFU snap in. I have run in to
> significant resistance to this and the Linux guys usually do not have
> access.
Sorry Brian but this is not true at all.
We perform SID mapping in case of Forest Trusts with AD.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-users
mailing list