[Freeipa-users] Default gid for AD trust users
Orion Poplawski
orion at cora.nwra.com
Fri Sep 2 19:12:16 UTC 2016
FWIW - I've filed https://fedorahosted.org/freeipa/ticket/6293 to request the
ability to set the primary group for AD trust users.
On 08/24/2016 11:42 AM, Orion Poplawski wrote:
> While that is definitely *a* convention, it's not the one we've used which
> puts users by default in shared groups (nwra, visitors, etc). For example:
>
> uid=2941(user) gid=1991(nwra)
>
> We may be fine changing conventions, but I'm researching whether or not we
> have to.
>
> Thanks.
>
> On 08/24/2016 11:19 AM, Justin Stephenson wrote:
>> Could you please explain further what you are trying to accomplish with an AD
>> trust default group? I believe we are following the standard linux convention
>> of creating a user private group using the ID number which matches the uid
>> number for AD trust users.
>>
>> Kind regards,
>>
>> Justin Stephenson
>>
>>
>> On 08/23/2016 06:27 PM, Orion Poplawski wrote:
>>> Is there any way to control the default gid for AD trust users? At the moment
>>> each user has it's own default group, e.g.:
>>>
>>> uid=22603(user at ad.domain) gid=22603(user at ad.domain)
>>>
>>> It would be nice to be able to set this to an actual group.
>>>
>>> Thanks.
>>>
>>
>
>
--
Orion Poplawski
Technical Manager 303-415-9701 x222
NWRA, Boulder/CoRA Office FAX: 303-415-9702
3380 Mitchell Lane orion at nwra.com
Boulder, CO 80301 http://www.nwra.com
More information about the Freeipa-users
mailing list