On 02.10.20 16:03, Simo Sorce via FreeIPA-users wrote:
On Fri, 2020-10-02 at 12:27 +0200, Ronald Wimmer via FreeIPA-users
wrote:
> How could I possibly find the POSIX ids of all mapped Active Directory
> users?
>
> I do neither see them in LDAP nor do I find them with IPA user find.
They are in AD, query AD please.
The only other option is to use a command like: id <username>, but that
requires knowledge of each AD username you care for.
Keep in mind IPA is not a caching LDAP server, that's not its role, its
role is to provide the means to establish a point of trust between the
two worlds, so that AD clients can use services hosted in the IPA
domain servers.
Before reading your answer I always thought that IPA holds a unique UID
for each user. I was not aware that they could be found in AD. But where
in AD? What do I need to query for? When I take a look at my user in AD
i cannot find the UID attribute anywhere.
Cheers,
Ronald