[Freeipa-users] one way AD trust relationship
Alexander Bokovoy
abokovoy at redhat.com
Fri Feb 6 08:16:37 UTC 2015
On Thu, 05 Feb 2015, Nicolas Zin wrote:
>Hi,
>
>is it possible to create a one way AD trust relationship with FreeIPA/IDM 3.3?
No.
>- From Windows I created an incoming one-way trust relationship, with a trust-secret
>- on Linux I use the trust-secret with ipa: ipa trust-add --type=ad ipawindows.mtl.sfl --trust-secret
>
>everything seems to be fine, but when I try
>kinit Administrator at ipawindows.mtl.sfl
>kinit: KDC reply did not match expectations while getting initial credentials
>
>I tried others ways, but I wonder if it is possible to have a one-way trust relationship?
One-way trust is not supported yet. I'm in the process of writing a
set of design documents and opening tickets for various missing parts.
We hope to get it done within the scope of FreeIPA 4.2.
--
/ Alexander Bokovoy
More information about the Freeipa-users
mailing list