[Freeipa-users] Migration from FreeIPA 1.2.1 to 2
Simo Sorce
simo at redhat.com
Thu May 26 13:10:44 UTC 2011
On Thu, 2011-05-26 at 05:51 +0000, Steven Jones wrote:
> Quickly as Im late.
>
> We are setting up cross realm from AD to a school who runs MIT Kerberos with openldap underneath....A windows client in our domain can then connect to a school resource where its connected to the school's centralised setup....
>
> So its possible, yes.
>
> Not with freeipa from what Ive seen posted, yet...next version I am assuming so.
Freeipa does not give you UI or tools to do it, although creating a
Kerberos trust is a very simple matter using kadmin.local to create the
proper principals.
Everything else would work like in the Kerberos+openldap setup in the
school you meantion.
So it is technically possible, we simply do not yet make it easy for you
by providing wrappers.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-users
mailing list