[Freeipa-users] Multiple organizations on one server
Roman Naumenko
roman at naumenko.ca
Mon Nov 3 12:43:17 UTC 2014
Alexander Bokovoy said the following, on 03-11-14, 7:37:
> On Mon, 03 Nov 2014, Roman Naumenko wrote:
>> Roman Naumenko said the following, on 02-11-14, 22:20:
>>> Hi,
>>>
>>> Similar question was asked already, " Limiting group/user
>>> visibility" at
>>> https://www.redhat.com/archives/freeipa-users/2011-November/msg00277.html
>>> but other than this I couldn't find any clues if that's possible.
>>>
>>> If I was to manage separate organizations with own users, computers
>>> and other entries in one ipa server - would such scenario be possible?
>> I found relevant information, at least about directory structure, in
>> red hat directory server docs:
>> https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Configuring_Directory_Databases.html#Configuring_Directory_Databases-Creating_and_Maintaining_Suffixes
>>
>>
>> Since RH package is based on 389 directory server, which is part of
>> freeipa - I wonder if its possible to maintain independent root
>> suffixes?
> While 389-ds does support multiple root suffixes, FreeIPA management
> tools, Kerberos DAL driver, access control setup and other components do
> not support multi-tenancy.
Thank you for clarification.
--Roman
More information about the Freeipa-users
mailing list