password sync with 2 AD domains

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

> Is there any hope that a virtual view would be enough ? I have indeed
> a single ou for all the users in FDS.

Not without code changes, I don't think so. The code uses certain
criteria to determine if a given entry 'belongs' in the target AD.
It can support multiple AD domains (create multiple sync agreements).
However the criteria are : correct object class, and correct subtree.
Therefore your entries would match for both agreements and hence
get sync'ed to both AD domains, which is not what you want.

The 'fix' would be to store the domain name in the entry
(possibly this is already done, I can't remember), and then
add that to the criteria for syncing.
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux