[Freeipa-users] Active directory integration with FreeIPA domain
Matt Comben
matt.comben at itdev.co.uk
Thu Aug 4 16:26:18 UTC 2016
Hi all,
TLDR - Is it possible to sync users FROM FreeIPA TO 'AD'
I've started introducing FreeIPA into our network (which is currently LDAP with linux clients) and migration client servers to authenticate against FreeIPA (which has been working great).
In the past couple of weeks, we were forced to setup a couple of Windows servers, so AD seemed like a good improvement (for getting centralised authentication against our Windows workstations).
I have read tonnes of information about setting up Trusts between FreeIPA and AD (and got a Trust itself working) and winsync using ipa-replica-manage, which said it was working.
Although from all this testing, I cannot seem to get a solution working for user synchronisation (or trusting) for authentication on Windows clients for FreeIPA users. Either having users synced from FreeIPA to AD to have them authenticate through the AD through a Forest Trust.
FWIW, I'm using CentOS 7 with FreeIPA 4 (tried Ubuntu 16.04, but couldn't get Trust established at all) and Server 2012 for AD.
I also can't see anyone else doing it this way round... is what I'm trying to do impossible?
Thanks in advanced for any help
Thanks
Matt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160804/33a58fa5/attachment.htm>
More information about the Freeipa-users
mailing list