Hi, when a trust is established with posix range type, the users need to have uidNumber and gidNumber set on AD side. If you want IdM to generate uid and gid, the range type has to be ipa-ad-trust instead of ipa-ad-trust-posix but I believe the posix attributes of the AD entries won't be taken into account in this case (even if the AD entry contains a uidnumber/gidnumber, the one seen from IdM clients will be generated and is likely to differ). flo
On Fri, May 7, 2021 at 3:34 PM iulian roman via FreeIPA-users < [email protected]> wrote: > I have configured a trust between IdM and Active Directory with posix > range type. The users which do have an uidNumber in AD are correctly > listed, but those without uidNumber are not (similar for the groups). > Is there any setting or possibility to have the AD users without uidNumber > get an uid generated automatically (if they do not have one in AD) by IPA > and listed as AD users in Linux ? > _______________________________________________ > FreeIPA-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure >
_______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
