After adding LDAP login with the same login credentials the existing user are able to login with both credentials. Local user account and LDAP user account. Since the login attribute is the same they can access their data just fine with either account.
So how does one disable local user account access after successfull LDAP setup?
Does someone have a working FreeIPA filter for LDAP? ‘MemberOf’ should be supported but I couldn’t get the filter working within 10 minutes and wanted to ask before I waste more time.