Show ID Views under compat tree

Posted on

Hello,

I'm facing a little problem to make AD Users available to non-supported IdM Clients (Solaris systems). So, at first, sorry for eventually asking a question about a not supported feature, but perhaps somebody out there has a small hint to bring me further ...

Following situation:
I've freshly installed a Red Hat IPA server on RHEL Server 7 from standard repos (ipa-server package, version 4.4.0) following the doc "Linux Domain Identity, Authentication, and Policy Guide". After that I built a trust to our companies ActiveDirectory following the "Windows Integration Guide" (with enable-compat option). All that was, I have to say, really very straight forward and on our RHEL clients I can see and work with the AD accounts.

Now to the "problem":
The AD doesn't bring the wanted values of some POSIX User Attributes (homeDirectory and loginShell), so I added some user idoverride's to ID View "Default Trust View", which works on the Linux Systems as expected. But we have some Solaris systems, connected to the compat tree of IdM's LDAP directory, which in principal works pretty well, too. But underneath the compat tree there is no directory for any ID View (as e.g. presented by Luc de Louw in his Blog, https://blog.delouw.ch/2016/04/15/using-freeipa-id-views-with-ldap-for-your-legacy-servers/ and is as far as I thought a new feature in the newer versions of IPA), so Solaris systems still see the AD Accounts w/o the idoverride changes.
The compat tree has only directories "cn=computers", "cn=groups", "cn=ng" and "cn=users". There I would expect the directory "cn=views" and underneath it the AD Accounts with the idoverrides, which can be accessed by the solaris clients (they would than use this path as serviceSearchDescriptor).

Am I eventually wrong and support of ID Views in the compat tree isn't available?
Or did I miss something somewhere in my install steps?

If you need more information, please ask, what I should provide. I decided me against some command outputs, because my text here is large enough ...

Thanks in advance
Matthias Lenhardt, BITMARCK Beratung GmbH, Germany

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.