[Freeipa-users] Windows client logon
Rob Crittenden
rcritten at redhat.com
Wed Sep 14 14:07:56 UTC 2011
Jimmy wrote:
> Just curious about this, the guide that we both refer to provides
> instructions for a windows client authentication but this page indicates
> that FreeIPA doesn't support windows clients:
>
> http://elladeon.fedorapeople.org/ipa/guide/Using_Microsoft_Windows.html
>
> Which is correct?
The guide you referred to was contributed by another FreeIPA user
showing one way to get Windows login working. It does this by mapping
all IPA users to a single windows user (ipauser).
This is not practical for most installations so we don't recommend it.
The roadmap for the next major release of FreeIPA adds AD trust so the
IPA realm can be trusted as part of an AD forest.
rob
>
> On Tue, Sep 13, 2011 at 4:08 PM, Rob Crittenden <rcritten at redhat.com
> <mailto:rcritten at redhat.com>> wrote:
>
> Jimmy wrote:
>
> I'm setting up a WinXP system to authenticate to FreeIPA. I
> followed the
> directions listed here:
> http://freeipa.org/page/Implementing_FreeIPA_in_a_mixed_Environment_%28Windows/Linux%29_-_Step_by_step
>
> I created the host account in FreeIPA, and the user, and I do get
> prompted to change the initial password(and it seems to work,)
> but as
> soon as the password is changed(or subsequent login attempts) I
> get the
> log in message"
> "the system cannot log you on now because the domain is not
> available"
>
>
> The guide says this happens when you don't log in using the
> principal name, are you using that?
>
> rob
>
>
More information about the Freeipa-users
mailing list