[Freeipa-users] Multiple organizations on one server

Alexander Bokovoy abokovoy at redhat.com
Mon Nov 3 12:37:08 UTC 2014


On Mon, 03 Nov 2014, Roman Naumenko wrote:
>Roman Naumenko said the following, on 02-11-14, 22:20:
>>Hi,
>>
>>Similar question was asked already, " Limiting group/user 
>>visibility" at https://www.redhat.com/archives/freeipa-users/2011-November/msg00277.html 
>>but other than this I couldn't find any clues if that's possible.
>>
>>If I was to manage separate organizations with own users, computers 
>>and other entries in one ipa server - would such scenario be 
>>possible?
>I found relevant information, at least about directory structure, in 
>red hat directory server docs:
>https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Configuring_Directory_Databases.html#Configuring_Directory_Databases-Creating_and_Maintaining_Suffixes
>
>Since RH package is based on 389 directory server, which is part of 
>freeipa - I wonder if its possible to maintain independent root 
>suffixes?
While 389-ds does support multiple root suffixes, FreeIPA management
tools, Kerberos DAL driver, access control setup and other components do
not support multi-tenancy.

-- 
/ Alexander Bokovoy




More information about the Freeipa-users mailing list