[Freeipa-users] FreeIPA as domain controller?
Brian Candler
b.candler at pobox.com
Mon Oct 17 13:56:04 UTC 2016
On 17/10/2016 11:14, Alexander Bokovoy wrote:
> We are not yet at the point you could use IPA-hosted identities to login
> to Windows machines joined to AD, though, regardless which AD
> implementation it is.
>
That's very helpful, thank you. So basically it means that for the time
being, our admins will need two identities (one in each realm) and there
is not much benefit in setting up cross-realm trust.
Would there be any benefit the other way round - creating identities in
S4 and using them to login to FreeIPA-joined *nix boxes? I guess the
problem then is where posix attributes like uid and gid come from.
Regards,
Brian.
More information about the Freeipa-users
mailing list