<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <meta content="text/html; charset=UTF-8" http-equiv="Content-Type"> </head> <body bgcolor="#ffffff" text="#000066"> 1. You can connect RH guests to AD - it works pretty much the same way as with IPA (IPA does many things the same way as AD). The only slight difference you might find with Kerberos configuration. Check my blog: <a class="moz-txt-link-freetext" href="http://">http://</a><cite>ondarnfs.blogspot.com</cite> for more 2. AD does not come for free. As far as I know the license for AD controller + all CALs for guests costs quite some money 3. Yes, with freeIPA and all the installers, the things are quite easy. With AD you have to do lot of things manually, but it will work. In summary I would say it is worth considering if you already have an AD controller in place. Ondrej On 06.07.2011 22:30, Steven Jones wrote: <blockquote cite="mid:833D8E48405E064EBC54C84EC6B36E402E6D2AC3@STAWINCOX10MBX1.staff.vuw.ac.nz" type="cite"> <pre wrap="">Not knowing much about connection to AD directly with RH guests....hopefully some ppl do... Advantages for AD 1) Zero first cost Disadvantages 1) Manual setup 2) managability? access control? other things? >From 3 days of googling I can find few or little info on the usefulness and practicality of connecting and using AD for linux authentication and authorisation in Enterprise situations....is it really used in an Enterprise? it looks like it might be OK for say 5 users where security isnt a concern for instance.... If anyone has actual experience to share that would be good.... regards _______________________________________________ Freeipa-users mailing list <a class="moz-txt-link-abbreviated" href="mailto:Freeipa-users@redhat.com">Freeipa-users@redhat.com</a> <a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/freeipa-users">https://www.redhat.com/mailman/listinfo/freeipa-users</a> </pre> </blockquote> </body> </html>