[389-users] Using Active Directory's SUA/SFU extensions in a Directory Server <==> AD setup
Rich Megginson
rmeggins at redhat.com
Thu Jan 14 15:46:36 UTC 2010
Kenneth Holter wrote:
> Hi.
>
>
> We wish to sync our Red Hat Directory Server (RHDS) with Active
> Directory (AD), and would like our linux boxes to make use the groups
> defined on AD. Our current plan have been to recreate the AD groups as
> netgroups on the RHDS side, but recently I've been told that it is
> possible use the AD groups directly - only modifications necessary
> would be to set some attribute mappings in the nss_ldap module, and
> enable/configure the Subsystem for UNIX-based Applications (SUA) on
> the AD side.
>
> Has anyone here implemented this setup?
>
> Is is so that SUA is simply a schema extension to hold unix
> attributes, so essentially what happens when enabling SUA is that one
> on the AD side is able to define posix attributes, which in turn is
> synced over to RHDS by the Windows Sync plugin?
389 Windows sync will not sync posix attributes at all, in either
direction, regardless of whether SUA/SFU is used.
>
>
> Best regards,
> Kenneth Holter
> ------------------------------------------------------------------------
>
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
More information about the 389-users
mailing list