Re: [Fedora-directory-users] FDS <-> AD: UID/GID and OU sync

Hi All, We have an AD architecture setup, and are looking to sync FDS with this to allow us to authenticate Linux machines and network devices. We have two AD domains, and have a winsync and passsync setup with one of the domain controllers in each domain. This works, subject to the limitation that we have to manually create each OU. Once we create the OU in FDS, the users appear at the next sync. Question 1: is it possible to automatically sync *all* OU's, including creating the OU in FDS if it does not exist? We have hundreds of OUs, and I don't want to have to create them all manually.

Question 2 is on UNIX UID/GID sync from AD. I've found a couple of posts which imply that it is not possible to sync UID/GUD from AD[1], but this was some time ago. An alternative piece of documentation suggests that it is, but provides no details[2]. I'm also struggling to find documentation on the libdna plugin, which I believe is involved[3].

My questions are - Is it possible to sync UID/GID from AD (where AD has the Unix Tools installed, and therefore has these attributes in the schema). - Is it possible to automatically apply a unique UID/GID to each user that does not have a UID/GID?