[Freeipa-users] winsync agreement transferred users not going into ipausers and existing users dropped from all their groups

Steven Jones Steven.Jones at vuw.ac.nz
Thu Sep 27 20:57:35 UTC 2012 

Hi,

Yes existing IPA users....all users that are in AD lose ipausers AND any IPA user groups they were assigned to in IPA before the winsync takes place.

So to be clear (I hope),

After the winsync any IPA user NOT in AD stays in ipausers and their assigned IPA groups and works normally.

After the winsync any pre-sync user in IPA and AD loses ALL IPA user group membership not just ipauser....and is not working.

After the winsync any user not until then in IPA but synced over from AD does not end up in ipausers (which was my understanding what was meant to happen).  That actually is no biggee...

So I lost 80% of my user setup, its a lot bigger issue than "not added to ipauser" group.

:(

Fortunately its a cloned virtual test bed....and not production.....ouch...

This and not bringing over all users because the user can have a sub-folder for mobile phone sync so gets wiped by the previous bug we discussed are total show stoppers for our IPA and RHEL desktop deployment,

Which seems to imply not this year? 

regards

Steven Jones

Technical Specialist - Linux RHCE

Victoria University, Wellington, NZ

0064 4 463 6272

________________________________________
From: Rich Megginson [rmeggins at redhat.com]
Sent: Friday, 28 September 2012 4:08 a.m.
To: Steven Jones
Cc: freeipa-users at redhat.com
Subject: Re: [Freeipa-users] winsync agreement transferred users not going into ipausers and existing users dropped from all their groups

On 09/26/2012 03:17 PM, Steven Jones wrote:
> Is this expected?
Ticket #2324 AD Users synced to IPA server are not added to "ipausers" group
https://fedorahosted.org/freeipa/ticket/2324

By "existing users" do you mean existing users in IPA?  Are these users
synced with entries in AD?

>
> regards
>
> Steven Jones
>
> Technical Specialist - Linux RHCE
>
> Victoria University, Wellington, NZ
>
> 0064 4 463 6272
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users

More information about the Freeipa-users mailing list