Bug 803052

Summary: AD Users synced to IPA server are not added to "ipausers" group
Product: Red Hat Enterprise Linux 6 Reporter: Dmitri Pal <dpal>
Component: doc-Identity_Management_GuideAssignee: Deon Ballard <dlackey>
Status: CLOSED CURRENTRELEASE QA Contact: ecs-bugs
Severity: low Docs Contact:
Priority: unspecified    
Version: 6.2CC: jgalipea, jskeoch, mkosek, mniranja
Target Milestone: rcKeywords: Documentation
Target Release: 6.3   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 785201 Environment:
Last Closed: 2012-06-21 23:12:50 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 785201    
Bug Blocks:    

Comment 2 Martin Kosek 2012-03-14 07:28:31 UTC 
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/2518


The following procedure will create an automember rule which would enroll all new users replicated via AD winsync replication:

# ipa automember-add --type=group ipausers
# ipa automember-add-condition ipausers --key=objectclass --type=group --inclusive-regex=ntUser
Comment 4 Deon Ballard 2012-04-17 16:04:04 UTC 
Link:
http://documentation-stage.bne.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/using-automembers-examples.html#automember-winsync
Comment 6 Deon Ballard 2012-06-21 23:12:50 UTC 
Closing.