[Freeipa-users] IPA and AD Home Directory

Dmitri Pal dpal at redhat.com
Tue Dec 10 23:43:12 UTC 2013 

On 12/10/2013 11:20 AM, Alfredo Vazquez wrote:
> Hi Everyone, my question is as follows:
> As Ipa authenticate a server to a Windows 7 client so that the login
> is correct, I hope your help

So you are saying that you want the IPA users connecting via Windows 7
clients be able to access servers in AD domain?
As it was explained below it is yet not possible.

>
> GREETINGS
>
>
> 2013/12/10 Martin Kosek <mkosek at redhat.com <mailto:mkosek at redhat.com>>
>
>     On 12/09/2013 11:34 PM, Alexander Bokovoy wrote:
>     > On Mon, 09 Dec 2013, Johan Petersson wrote:
>     >> Hi,
>     >>
>     >> In my test  environment i am planning to add a AD to my current IPA
>     >> configuration and i would like my IPA users to be able to log in
>     >> through windows to the AD and still have their IPA shared home
>     >> directory.
>     >>
>     >> IPA is Red Hat 6.5 and AD is Windows 2012 Server.
>     >>
>     >> Home Directories are currently shared through NFS and Kerberos
>     >>
>     >> Is there a preferred way to connect the AD to IPA for this
>     >> functionality?
>     > Using IPA identities to log-in to Windows machines is not
>     implemented
>     > yet.
>
>     Hello Johan,
>
>     I would like to elaborate more on this topic. What is currently
>     already working
>     and supported is the AD->IPA authentication. You can SSO from
>     Windows to Linux
>     machine controlled by FreeIPA already.
>
>     The second part (IPA->AD) is much more complicated, it requires
>     additional
>     MS-specific interfaces implemented on IPA side. This is a feature
>     we are
>     working on in FreeIPA 3.4 (i.e. the next version). We would like
>     to publish a
>     working version (at least PoC) when it is released.
>
>     This is the upstream ticket tracking the effort:
>     https://fedorahosted.org/freeipa/ticket/2586
>
>     This is the related information on our community wiki:
>     http://www.freeipa.org/page/Trusts
>     http://www.freeipa.org/page/V3/Trust_GC_support
>
>     HTH,
>     Martin
>
>     _______________________________________________
>     Freeipa-users mailing list
>     Freeipa-users at redhat.com <mailto:Freeipa-users at redhat.com>
>     https://www.redhat.com/mailman/listinfo/freeipa-users
>
>
>
>
> -- 
>
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users


-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager for IdM portfolio
Red Hat Inc.


-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20131210/8f3e63df/attachment.htm>

More information about the Freeipa-users mailing list