We wish to sync our Red Hat Directory Server (RHDS) with Active Directory (AD), and would like our linux boxes to make use the groups defined on AD. Our current plan have been to recreate the AD groups as netgroups on the RHDS side, but recently I've been told that it is possible use the AD groups directly - only modifications necessary would be to set some attribute mappings in the nss_ldap module, and enable/configure the Subsystem for UNIX-based Applications (SUA) on the AD side.
Has anyone here implemented this setup?
Is is so that SUA is simply a schema extension to hold unix attributes, so essentially what happens when enabling SUA is that one on the AD side is able to define posix attributes, which in turn is synced over to RHDS by the Windows Sync plugin?
Best regards,
Kenneth Holter
-- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
