Hi All, We have an AD architecture setup, and are looking to sync FDS with this to allow us to authenticate Linux machines and network devices. We have two AD domains, and have a winsync and passsync setup with one of the domain controllers in each domain. This works, subject to the limitation that we have to manually create each OU. Once we create the OU in FDS, the users appear at the next sync. Question 1: is it possible to automatically sync *all* OU's, including creating the OU in FDS if it does not exist? We have hundreds of OUs, and I don't want to have to create them all manually. Question 2 is on UNIX UID/GID sync from AD. I've found a couple of posts which imply that it is not possible to sync UID/GUD from AD[1], but this was some time ago. An alternative piece of documentation suggests that it is, but provides no details[2]. I'm also struggling to find documentation on the libdna plugin, which I believe is involved[3]. My questions are - Is it possible to sync UID/GID from AD (where AD has the Unix Tools installed, and therefore has these attributes in the schema). - Is it possible to automatically apply a unique UID/GID to each user that does not have a UID/GID? Any help/pointers greatly appreciated. Many thanks, Alex [1] http://www.redhat.com/archives/fedora-directory-users/2007-February/msg00111.html [2] "Fedora DS gets posix/unix automatic uid generation (February 08, 2007) The cvs head now contains a new feature for automatic generation of sequenced numbers which is compatible with multi-master replication environments. This feature can be used for automatic generation of posix uidNumber and gidNumber in addition to other sequenced numeric attributes required by your deployment. " http://directory.fedoraproject.org/ [3] About the only referenceI can find: http://www.redhat.com/archives/fedora-directory-users/2008-January/msg00081.html