[Freeipa-devel] IPA to IPA trusts
Dmitri Pal
dpal at redhat.com
Thu Jun 20 04:09:44 UTC 2013
Hello,
I have a stupid idea.
We now have ability to make IPA trust AD and AD trust IPA. IPA pretends
that it is AD.
I wonder how hard it would be to setup the case when there are two IPA
servers that both pretending that they are AD talking to each other.
This might be a temp solution for IPA to IPA trusts until we do PADs.
It might be a temp solution for use cases like this
https://fedorahosted.org/freeipa/ticket/3742
I suspect that SSSD would have to be configured as if it is a member of
an AD domain trusting another AD domain for this to work :-)
--
Thank you,
Dmitri Pal
Sr. Engineering Manager for IdM portfolio
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeipa-devel
mailing list