Jason Beavers wrote:
It's not directly supported, but I suppose you could have your AD administrator create a special admin user that had read/search rights over the AD tree but not update/write rights. Then Fedora DS could read the info from AD but not right any back. I don't know if this would make Fedora DS blow up because it would get lots of errors attempting to write updates to AD.Hi All,Probably been asked before but i didn't quite find the answer i was looking for by searching.Is it possible to configure a Unidirectional Windows Sync agreement? Scenario: Large Enterprise with fully deployed Windows ADWe would like to develop an application that runs off of Fedora DS, and allows the users to login using their normal AD credentials. We'll be storing alot of application specific data about each user, (preferences, settings, etc) in FedoraDS and are prohibited from writing anything back to AD. Which pretty much rules out modifying the AD schema, or writing changes back to AD (corporate mandate, don't ask). So basically what i'm asking is whether its possible to configure Windows Sync such that Users (and passwords) can be sync'd over from AD to FDS but not the other way around. This way all user management (creation, password changes, etc) always happens in AD and we only sync over the authentication credentials, leaving the other stuff to FDS.Make sense? Thoughts?
Thanks in advance ------------------------------------------------------------------------Never miss a thing. Make Yahoo your homepage. <http://us.rd.yahoo.com/evt=51438/*http://www.yahoo.com/r/hs>------------------------------------------------------------------------ -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
<<attachment: smime.p7s>>
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
