On 11/20/2014 07:38 PM, William Muriithi wrote:
?Hi guys,
I am wondering how one would go about allowing both ad users and
FreeIPA user to work in harmony.
I recently was able to get FreeIPA to use trust to service unix
systems. However, I encountered resistance as some people didn't like
the long username, for example,
[email protected][email protected]. ? So I created local accounts
and forced everyone back to FreeIPA users.
Some people didn't mind the name format and would prefer a single
username everywhere. So now things are a bit cool, am investigating if
these accounts can coexist and would like it to be up to the user's
which account the will use
When I check id when logged in on with ad account, I don't ? see the
group developer, but see [email protected]. This is a problem
since I can't assign files to two groups, something I need as they
have files they all have change. I also need both users to have SUDO
access, this is fine as I can just duplicate SUDO commands one for
developers group and another for [email protected]
How would one fix file sharing between ad and FreeIPA users?
I don't think one can put a group within another group? Or am I wrong
on that? Google results seem negative
Thanks for advice
William
Check this
http://www.freeipa.org/page/V4/Migrating_existing_environments_to_Trust
I think you might want to consider views and override names there.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
