[Freeipa-users] IPA, AD Trust and Domain Local Groups
wdh at dds.nl
wdh at dds.nl
Wed Jan 6 08:32:39 UTC 2016
Hi,
OK, clear. Thanks for the information!
Winny
Sumit Bose schreef op 06-01-2016 9:19:
> On Wed, Jan 06, 2016 at 08:56:27AM +0100, wdh at dds.nl wrote:
>> Hi all,
>>
>> Using an AD trust with IPA 4.2 all works well, but on the IPA/Linux
>> site
>> we're just not able to see AD "Domain Local Groups".
>>
>> Is that just not possible (a limitation of the current version that
>> is), is
>> some extra configuration needed of is just something wrong....?
>>
>> Hope one can give an answer!
>
> This is by design. As the name says the groups are 'Domain Local' i.e.
> only valid in the own AD domain (not even in the whole AD forest).
> Since
> the IPA domain is a completely different forest from the AD perspective
> the Domain Local Groups do not apply here. IPA just does the same here
> as AD does.
>
> HTH
>
> bye,
> Sumit
>
>>
>> Winny
>>
>> --
>> Manage your subscription for the Freeipa-users mailing list:
>> https://www.redhat.com/mailman/listinfo/freeipa-users
>> Go to http://freeipa.org for more info on the project
More information about the Freeipa-users
mailing list