[Freeipa-users] Kerberos realm for different domain
Brian Candler
b.candler at pobox.com
Fri Dec 16 10:40:06 UTC 2016
On 16/12/2016 10:19, Alexander Bokovoy wrote:
>> I want to allow users in the AD.EXAMPLE.COM realm to login to
>> machines in the IPA.EXAMPLE.COM realm.
>>
>> Will this still work when the machines are in different DNS domains?
> Yes, it will. Here is the catch: you need to make sure these different
> DNS domains all mentioned in 'ipa realmdomains-show' and if not, they
> should be added by use of 'ipa realmdomains-mod'. None of these domains
> must overlap with Active Directory domains, of course.
Fantastic answer. Thank you so much for taking the time to explain this.
Regards,
Brian.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20161216/40ce00ee/attachment.htm>
More information about the Freeipa-users
mailing list