Kenneth Holter wrote: > Hi. > > > We wish to sync our Red Hat Directory Server (RHDS) with Active > Directory (AD), and would like our linux boxes to make use the groups > defined on AD. Our current plan have been to recreate the AD groups as > netgroups on the RHDS side, but recently I've been told that it is > possible use the AD groups directly - only modifications necessary > would be to set some attribute mappings in the nss_ldap module, and > enable/configure the Subsystem for UNIX-based Applications (SUA) on > the AD side. > > Has anyone here implemented this setup? > > Is is so that SUA is simply a schema extension to hold unix > attributes, so essentially what happens when enabling SUA is that one > on the AD side is able to define posix attributes, which in turn is > synced over to RHDS by the Windows Sync plugin? 389 Windows sync will not sync posix attributes at all, in either direction, regardless of whether SUA/SFU is used. > > > Best regards, > Kenneth Holter > ------------------------------------------------------------------------ > > -- > 389 users mailing list > 389-users at lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/389-users
