[Freeipa-users] it's a weird one - how AD users get into IPA ?
lejeczek
peljasz at yahoo.co.uk
Fri Jun 10 08:54:19 UTC 2016
hi everyone
there is a master IPA which in some weird way puts AD users
into its ldap catalog. I say weird cause there is no trust
nor other sync established, there was a trust agreement, one
way type, but now 'trust-find' shows nothing, that trust was
removed.
but still when I create a user @AD DS a second later I see
it in IPA's ldap, eg.
dn:
uid=ccnrtest at ccnr.aaa.private.dom,cn=users,cn=compat,dc=private,dc=c
cnr,dc=aaa,dc=private,dc=dom
how to trace the culprit config responsible for this?
and funny(?) thing is that these users do not get replicated
to IPA replicas.
many thanks,
L
More information about the Freeipa-users
mailing list