[Freeipa-users] ntGroup MUST ntUserDomainId?
Hugh
hugh at psychopig.com
Wed Mar 4 03:57:42 UTC 2015
All,
We're running ipa-server-3.0.0-42/389-ds-base-1.2.11.15-48 on CentOS 6.5
and synching to AD. We're able to synch users, but can't synch groups.
When I was adding in the ntGroup objectclass, it appears that that
requires ntUserDomainId to be set. Shouldn't that be ntGroupDomainId? I
tried to add ntGroupDomainId, but that attribute doesn't seem to be
allowed by any objectclasses. I did a grep on the /etc/dirsrv directory
and can see ntGroupDomainId in the attribute list, but not in any of the
objectclasses. What attributes/objectclasses are required for synching
to AD?
Thanks,
Hugh
More information about the Freeipa-users
mailing list