[Freeipa-users] ldapsearch for AD users

Hanoz Elavia h.elavia at atomiccartoons.com
Tue Feb 21 20:10:09 UTC 2017


Hello,

I've got the FreeIPA server with AD trust (Server 2008 R2) set up and
running. I can log in successfully on Linux clients using AD credentials.
I'm now trying to set up my Isilon storage appliance with mixed mode file
sharing.

The filer has joined the AD so it provides Windows users access to the
files. However, being a legacy client, it uses simple bind to query LDAP
for uid and gid. I was able to set up FreeIPA as the LDAP server but it
doesn't seem to return the uid and gid for AD objects.

The query my storage is using is as follows:

ldapsearch -x -W -z 10 -H ldap://ipa.server.com \
  -b 'cn=compat,dc=ipa,dc=server,dc=com' \
  -D 'uid=binduser,cn=users,cn=accounts,dc=ipa,dc=server,dc=com' \
  '(|(objectClass=posixAccount)(objectClass=posixGroup)(objectClass=nisNetgroup)(objectClass=person))'

The following command will obtain all the IDs for the native FreeIPA users
/ groups but doesn't return any results for AD users. Is there a way to get
this done? I can't install any clients on the Isilon as it uses BSD-based
proprietary software. I can manually map FreeIPA-assigned uids / gids but
that's tedious and error-prone. Any help would be appreciated.

Regards,

H.