[Freeipa-users] IPA client default authentication domain/realm different than member domain/realm.
McNiel, Craig
craig.mcniel at pearson.com
Mon Jun 23 15:18:49 UTC 2014
I am trying to integrate an IPA domain with a windows domain and I would
like to be able to have the users authenticated to the windows domain as a
default without having to append the realm to the login credentials as we
will not be using user authentication from the IPA domain.
The main reason for this is the Windows domain is a corporate run domain
that has an integrated joiners and leavers process for users and groups and
we don't want to have to duplicate that effort locally however I also don't
want my users to have to type
logon: username at WIN.DOMAIN.COM
I would instead like for them to just input the username and have the
REALM/Domain assumed to be WIN.DOMAIN.COM instead of IPA.DOMAIN.COM
I'm not certain how to configure the client for this configuration.
Example.
****************************************
* Win Domain (Users and Groups)*
****************************************
|
|
****************** ***********
* IPA Domain * <-----> *Clients *
****************** ***********
Thanks !
- Craig
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140623/aa0ce45c/attachment.htm>
More information about the Freeipa-users
mailing list