<html><body><div style="font-family: times new roman, new york, times, serif; font-size: 12pt; color: #000000"><div></div><blockquote style="border-left:2px solid #1010FF;margin-left:5px;padding-left:5px;color:#000;font-weight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,Arial,sans-serif;font-size:12pt;"><b>From: </b>"Carlos Raúl Laguna" <carlosla1987@gmail.com><br><b>To: </b>"General discussion list for the 389 Directory server project." <389-users@lists.fedoraproject.org><br><b>Sent: </b>Wednesday, May 27, 2015 1:02:23 PM<br><b>Subject: </b>Re: [389-users] 389 ds as main object for storage all users<br><div><br></div><div dir="ltr">Hello William,<div><br></div><div>The problem with that approach is, user will not be in the same place, some users will be in AD other in FreeIPA and the actual need is to use Kolab groupware as email system for all user however kolab have some special attribute that need to be present in all user to work properly. Any ideas. Regards</div></div></blockquote><div>With IPA trust set up, you can have local IPA users and AD users in the same environment. I'm not 100% sure on the order of operations, but a lookup will be performed against IPA then forwarded on to the trust, or vice versa. But you should be able to have an environment with both users in IPA and users in AD. Here's some information on how to set it up if you're interested in giving it a test: . <a href="https://www.freeipa.org/page/Active_Directory_trust_setup">https://www.freeipa.org/page/Active_Directory_trust_setup</a> </div><div><br></div><div>-- David</div><blockquote style="border-left:2px solid #1010FF;margin-left:5px;padding-left:5px;color:#000;font-weight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,Arial,sans-serif;font-size:12pt;"><div class="gmail_extra"><br><div class="gmail_quote">2015-05-27 3:09 GMT-04:00 William <span dir="ltr"><<a href="mailto:william@firstyear.id.au" target="_blank">william@firstyear.id.au</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Why not use freeipa's AD trust features?<br><br>
William<br><span class=""><br>
> On 27 May 2015, at 05:42, Carlos Raúl Laguna <<a href="mailto:carlosla1987@gmail.com" target="_blank">carlosla1987@gmail.com</a>> wrote:<br>
><br>
> Hello everyone,<br>
><br>
> It would be possible to create a scenario where 389 ds became a box for all users through winsync and replication,We have some users in Windows AD and some other in Freeipa, however we are looking a way to put together all the user in one place 389 DS, (just the users) to create a single email system for all users. Any input will be appreciated. Regards<br>
><br>
><br>
</span>> --<br>
> 389 users mailing list<br>
> <a href="mailto:389-users@lists.fedoraproject.org" target="_blank">389-users@lists.fedoraproject.org</a><br>
> <a href="https://admin.fedoraproject.org/mailman/listinfo/389-users" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/389-users</a><br>
--<br>
389 users mailing list<br><a href="mailto:389-users@lists.fedoraproject.org" target="_blank">389-users@lists.fedoraproject.org</a><br><a href="https://admin.fedoraproject.org/mailman/listinfo/389-users" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/389-users</a></blockquote></div><br></div><br>--<br>389 users mailing list<br>389-users@lists.fedoraproject.org<br>https://admin.fedoraproject.org/mailman/listinfo/389-users</blockquote><div><br></div></div></body></html>