I'm not familiar with freeIPA, but I'm basically doing what you are trying to accomplish with AD/LDAP without any issue. Here is a doc I wrote up on AD/LDAP: How to Setup Dynamic Groups and Shared Rosters with LDAP/AD. Maybe it will help, maybe not. Sorry I can't be more helpful.