[Freeipa-users] FreeIPA deployment questions (Open Directory)

[Brian Topping]

I'm new to FreeIPA and have some questions.  I've searched the archives for similar articles and found https://www.redhat.com/archives/freeipa-users/2011-May/msg00040.html, but with some differences.  Please excuse my lack of knowledge, but hope that answers to these questions might help others through the archives.

*** I saw the announcement that 2.1.4 from the updates-testing repo is "strongly advised".  In the previous message, I saw that deploying a production server on Fedora was a bad idea.  2.1.3 is the last version available on the CentOS repos.  Is that one reasonable to use?  Are there any gotchas that I should know about like disabling selinux?  Is 2.1.3 usable while waiting for 2.1.4 to hit the CentOS repos?

*** AD synchronization is under active development, but I'm wanting to work with Open Directory.  The last references I've seen to it on the user list was with 1.x.  I've seen the opaque objects in the OD schema, realize the OD schema is rather fluid and understand that maintaining an integration like that may not be productive for such a small audience.  On the other hand, are there configurations with limited replication or referrals that might provide basic interoperability?  I haven't been too successful with getting Apache Directory Studio connected to FreeIPA so I can browse around, but does anyone have some insights they could share on this?  Anyone have FreeIPA working at any level with OpenDirectory that they could share insights about?

Thank you kindly for any insights that you might be able to share!

Brian