On Wed, Aug 02, 2017 at 11:40:46AM -0000, Igor Sever via FreeIPA-users wrote:
There is no gidNumber attribute on AD group objects. If I want to
apply
posix attributes directly in AD, then I don't need FreeIPA, do I...
Many users and customers have an existing environment where some
machines are enrolled directly to AD and new ones are being added
directly to IPA and they want to use the same POSIX IDs every where.
Others choose to ID-map.
As per why the idrange was selected as posix, see Justin's answer.
Well, only the tools are deprecated, the schema is there to stay.