[Freeipa-users] a user delegated to control a OU and realmd join - how..

[lejeczek]

.. if possible, would you know?
hi everybody,
I'm trying, and hoping it is possible to realm join an AD but is such a
way so I tap my IPA into specific OU within that AD.
The thing is - I'm thinking it would make user access control ideal
from the start as I need only users from that OU, but also because I'm
only granted access to the user/group who has control over that OU.
I'm trying that but I see:

! The computer account RIDER already exists, but is not in the desired
organizational unit.
adcli: joining domain ccc.bb.aa failed: The computer account RIDER
already exists,
 ! Failed to join the domain

I'm doing this:
$ realm join ccc.bb.aa --user=private-user --computer-ou=private

and computer is in OU=private of ccc.bb.aa
so is the user private-user

many thanks.
L##SELECTION_END##
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160511/89612ae6/attachment.htm>