[Freeipa-users] FreeIPA as domain controller?
Brian Candler
b.candler at pobox.com
Mon Oct 17 10:03:31 UTC 2016
Sorry if this is a frequently asked question, but it's not easy to find
a simple answer.
* Can I use FreeIPA (v4) as a domain controller for Windows machines to
join?
* If not, what's the recommended free/open solution? Would it be to set
up a Samba4 domain controller, and then set up cross-realm trust between
FreeIPA and Samba4?
(That is: assuming I want central AAA for both Linux boxes and Windows
boxes)
Things I found:
* http://www.freeipa.org/page/About
... but it only mentions FreeIPA v2 and v3
*
https://sambaxp.org/archive_data/SambaXP2016-SLIDES/thu/track2/sambaxp2016-thu-track2-Alexander_Bokovoy-Andreas_Schneider-SambaAndFreeIPAAnUpdateOnActiveDirectoryIntegration.pdf
... report on work-in-progress. It does say:
" FreeIPA Domain Controller is unlike Samba AD → Windows cannot be
joined to FreeIPA". But it's not clear if this is an eventual goal, or
whether it's likely to remain this way.
I guess keeping a lot of MS-specific nonsense out of FreeIPA is a good
thing :-)
Thanks,
Brian.
More information about the Freeipa-users
mailing list