Red Hat Directory Server 8.0 Administrator's Guide
Additionally, groups have the following two attributes:
• ntUniqueId. This contains the value of the objectGUID attribute for the corresponding
Windows entry. This attribute is set by the synchronization process and should not be set or
modified manually.
• ntGroupType. This is set automatically for Windows groups that are synchronized over, but
this attribute must be set manually on Directory Server entries before they will be synched.
The membership of groups is synchronized with the constraint that only those members that are
also within the scope of the agreement are propagated. Group members that are not within the
scope of the agreement are left unchanged on both sides.
Table 19.3, “Group Entry Attribute Mapping between Directory Server and Active Directory”
shows the attributes that are mapped between the Directory Server and Windows servers, and
Table 19.4, “Group Entry Attributes That Are the Same between Directory Server and Active
Directory” shows the attributes that are the same between the Directory Server and Windows
servers.
Directory Server Active Directory
cn name
ntGroupAttributes groupAttributes
ntGroupId
cn
name
samAccountName
ntGroupType groupType
Table 19.3. Group Entry Attribute Mapping between Directory Server and
Active Directory
cn member
description ou
l seeAlso
Table 19.4. Group Entry Attributes That Are the Same between Directory
Server and Active Directory
3.3. Deleting Entries
An Active Directory group or user account is automatically deleted from the Directory Server
sync peer server when entry is deleted. The same is true when a Directory Server account is
Deleting Entries
531