[Freeipa-users] [How to] Set UID, GID, HomeDir in Trust AD user
KevinTang at umac.mo
KevinTang at umac.mo
Thu Sep 12 07:32:53 UTC 2013
Dear Martin,
Thank you very much
Kevin
From: Martin Kosek <mkosek at redhat.com>
To: KevinTang at umac.mo
Cc: freeipa-users at redhat.com
Date: 09/12/2013 03:29 PM
Subject: Re: [Freeipa-users] [How to] Set UID, GID, HomeDir in
Trust AD user
On 09/12/2013 09:16 AM, KevinTang at umac.mo wrote:
> Dear all,
>
> I have two domain, one is Windows AD domain, another is IPA domain. Both
> two domain already have two-ways trust, and Windows AD user can logon
> under IPA Client PC successfully.
>
> Since user account in Windows AD can logon IPA Client PC, May I set UID,
> GID, HomeDir for the user from Windows AD? If so, how should I do? Any
> tutorial on web?
>
> Thanks
> Kevin Tang
>
With a plain Active Directory and users signing from AD to FreeIPA Linux
client, AD user will get automatically assigned UID and GID based on their
Windows identification (SID). This should work fine.
However, I think you cannot set custom home dir centrally, unless you
configure
"Services for Identity Management for UNIX" AD extension and FreeIPA to
use it:
Design page of the feature:
http://www.freeipa.org/page/V3/Use_posix_attributes_defined_in_AD
Test day page (a.k.a. tutorials):
https://fedoraproject.org/wiki/Test_Day:2013-07-25_AD_trusts_with_POSIX_attributes_in_AD_and_support_for_old_clients
... and particularly this part:
https://fedoraproject.org/wiki/QA:Testcase_freeipa_using_posix_attributes_in_ad
If you do not want to use the extension, you could for example override
the
default home dir on FreeIPA clients e.g. with subdomain_homedir option of
sssd.conf (man sssd.conf).
HTH,
Martin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20130912/24381362/attachment.htm>
More information about the Freeipa-users
mailing list