[Freeipa-users] Which AD server is used by FreeIPA

Simo Sorce ssorce at redhat.com
Tue Aug 21 07:59:13 UTC 2012


----- Original Message -----
> Hello,
> I'm trying to build trust between FreeIPA and Windows Server 2008R2.
> It is said that FreeIPA uses samba as the AD server, but I found
> that 389 Directory Server is also installed. So which is used as the
> directory service for FreeIPA? If it is samba, why is 389 Directory
> Server needed?

Hi Tengda,
FreeIPA uses some Samba components to handle Windows-specific operations, but does NOT use Samba as an AD server. In fact FreeIPA is not an AD compatible server and you cannot join Windows machines to it.

This is why we focused on trust relationships.
Our model is based on keeping Windows and Linux machines separate. Windows machines will use their native AD environment, while Linux machines are joined to the FreeIPA domain and have Linux-oriented management options not available in AD domains (HBAC, SELinux integration, netgroups, sudo integration and so on).

389 Directory Server is the information store for the FreeIPA server and all services use it to store/read data.

HTH,
Simo.



