Yes, it is correct and this is exactly what I observed in the tests (if ipa-ad-trust-posix is not mentioned, the uidNumber and gidNumber are ignored) and the one within the range is generated. The situation I have in AD is a "mix" of users without those attributes and with. If I configure the trust as non-posix, all users are detected but the uid and gid are ignored for those who have one in AD, therefore they would not be able to access their home folders (which has permissions based on AD uid and gid). I do not know if that is possible (to have IPA using uid and gid number when they are present in AD and generate a new one when not present ) or is something which is considered a feature request, but I thought it is worth asking . _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[Freeipa-users] Re: posix and non-posix AD users
iulian roman via FreeIPA-users Fri, 07 May 2021 09:11:52 -0700
- [Freeipa-users] posix and non-posix AD u... iulian roman via FreeIPA-users
- [Freeipa-users] Re: posix and non-p... Florence Renaud via FreeIPA-users
- [Freeipa-users] Re: posix and n... White, David via FreeIPA-users
- [Freeipa-users] Re: posix a... John Desantis via FreeIPA-users
- [Freeipa-users] Re: posix and n... iulian roman via FreeIPA-users
- [Freeipa-users] Re: posix a... Sumit Bose via FreeIPA-users
- [Freeipa-users] Re: pos... iulian roman via FreeIPA-users
