[Freeipa-users] freeIPA and AD in multi-homed environment
Alexander Bokovoy
abokovoy at redhat.com
Tue Apr 28 10:26:23 UTC 2015
On Tue, 28 Apr 2015, Арсений Черняков wrote:
> - Hi all.
> I've got a rather big domain environment with 10 distributed locations,
> and I'm considering using FreeIPA as an id manager for linux users and
> servers, alongside with existing AD, using trusts. In every location, there
> are 2 DCs for windows environment, and I'm thinking about deployment of 2
> freeIPA servers for each location, with replicas. This document states that
> I can't use more than 20 servers per IPA domain:
> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/Setting_up_IPA_Replicas.html#replica-topologies
>
> - "No more than 20 servers and replicas should be involved in a single
> Identity Management domain."
> - How strict is this restriction? Is there any way I can deploy freeIPA
> in this situation, assuming that number of locations would increace over
> time? Is there any other limitations to integrate freeIPA in AD?
The limitations described above are for supported configurations
deployed on Red Hat Enterprise Linux. If you want a larger configuration
to be supported, you need to contact your Red Hat representatives and
work out with them exact support statement.
--
/ Alexander Bokovoy
More information about the Freeipa-users
mailing list