[Freeipa-users] Bi directional login with AD trusts
Anon Lister
listeranon at gmail.com
Wed Dec 30 06:17:53 UTC 2015
Hello,
New to list. This is kind of a followup to the post here:
https://www.redhat.com/archives/freeipa-users/2015-January/msg00351.html
We are one of the odder shops that runs almost entirely linux, but the need
to support some windows stuff that requires AD has come up. We have things
setup as domain.com (NetBIOS name: DOM), with ipa.domain.com and
ipa-replica.domain.com.
We just added win.domain.com with a windows DC on ad.win.domain.com (NB
Name: WIN).
We are running EL 6.7/ipa 3.0.0. we got the trust setup working, can
confirm we can mount (tesT) shares from IPA to windows domain, can login to
the linux boxes with windows user credentials, but have been unable to
figure out how to login to the windows boxes with ipa credentials (this was
really our primary use case, as everything is managed in IPA and hits it
for authentication, we were hoping to not have to manage 2 sets of accounts
for the people needing windows, two places to update passwords, etc.).
Is there support for bidirectional login in newer FreeIPA? I found the
above thread that seemed to suggest you could not use IPA credentials for
logging into the windows domain. Has this changed at all? We would be
willing to look at upgrading to EL7 (or, id rather not, but even Fedora
Server, if we can get this feature). If not is it down the pipeline?
Thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20151230/1380cc8e/attachment.htm>
More information about the Freeipa-users
mailing list