[Freeipa-users] FreeIPA -> FreeIPA trusts
Martin Kosek
mkosek at redhat.com
Fri Feb 19 08:57:18 UTC 2016
On 02/19/2016 06:33 AM, Chris Addie wrote:
> I have two separate networks each with their own FreeIPA server(s) and I
> would like for users from network A to be able to be able to access services
> in network B, but not the other way around. The documentation for ipa
> trust-add seems to imply this is not possibly however as “Only trusts to
> Active Directory domains are supported right now.” It seems really odd that
> FreeIPA supports trusting a Windows AD domain but not another FreeIPA
> domain. Is this really the case?
Yes.
> If so are IPA -> IPA trusts a feature that
> is planned for the future?
Yes :-)
> Is there some other way I could achieve this?
You can do hacks to achieve authentication part, but you would still miss
authorization or other parts. Please see details to my brief answer in our FAQ
section:
http://www.freeipa.org/page/Frequently_Asked_Questions#When_will_we_implement_FreeIPA_to_FreeIPA_trusts.3F
HTH,
Martin
More information about the Freeipa-users
mailing list