<html> <head> <meta content="text/html; charset=windows-1252" http-equiv="Content-Type"> </head> <body bgcolor="#FFFFFF" text="#000000"> <p>AFAIK Jakub already answered that <a class="moz-txt-link-freetext" href="https://www.redhat.com/archives/freeipa-users/2016-November/msg00031.html">https://www.redhat.com/archives/freeipa-users/2016-November/msg00031.html</a></p> <div class="moz-cite-prefix">On 07.11.2016 12:05, James Harrison wrote:<br> </div> <blockquote cite="mid:151311567.3441657.1478516739115@mail.yahoo.com" type="cite">Anyone ?<br> <br> <div id="ymail_android_signature"><a moz-do-not-send="true" href="https://overview.mail.yahoo.com/mobile/?.src=Android">Sent from Yahoo Mail on Android</a></div> <br> <blockquote style="margin: 0 0 20px 0;"> <header style="font-family:Roboto, sans-serif; color:#6D00F6;"> <div>On Fri, 4 Nov, 2016 at 11:04, James Harrison</div> <div><a class="moz-txt-link-rfc2396E" href="mailto:jamesaharrisonuk@yahoo.co.uk"><jamesaharrisonuk@yahoo.co.uk></a> wrote:</div> </header> <div style="padding: 10px 0 0 20px; margin: 10px 0 0 0; border-left: 1px solid #6D00F6;"> <div style="color:#000;background-color:#fff;font-family:verdana, helvetica, sans-serif;font-size:16px;"> <div id="yui_3_16_0_ym19_1_1478256967956_3311" dir="ltr">Hello,</div> <div dir="ltr" id="yui_3_16_0_ym19_1_1478256967956_3558"><br> </div> <div dir="ltr" id="yui_3_16_0_ym19_1_1478256967956_3667">I've installed FreeIPA 4.2 master using Centos and I have a Windows 2012R2 with its AD schema emulating a Windows 2012 system</div> <div dir="ltr" id="yui_3_16_0_ym19_1_1478256967956_3668"><br> </div> <div dir="ltr" id="yui_3_16_0_ym19_1_1478256967956_3669">I have established a trust between the two and it appears to work. I can reference a user on the AD domain, but the only way is to add the AD domain. <br> </div> <div dir="ltr" id="yui_3_16_0_ym19_1_1478256967956_3670"><br> </div> <div dir="ltr" id="yui_3_16_0_ym19_1_1478256967956_3671">The only way to ssh to the master IPA server is like this:<br> </div> <div dir="ltr" id="yui_3_16_0_ym19_1_1478256967956_3672"><br> </div> <div dir="ltr" id="yui_3_16_0_ym19_1_1478256967956_3673"> ssh <a class="moz-txt-link-rfc2396E" href="mailto:x_xxxx@IPAWIN.LOCAL">"x_xxxx@IPAWIN.LOCAL"</a>@10.10.10.10</div> <div dir="ltr" id="yui_3_16_0_ym19_1_1478256967956_3674"><br> </div> <div dir="ltr" id="yui_3_16_0_ym19_1_1478256967956_3675">Another example is using kinit:</div> <div dir="ltr" id="yui_3_16_0_ym19_1_1478256967956_3676"><br> </div> <div dir="ltr" id="yui_3_16_0_ym19_1_1478256967956_3693">I have to do the following to get a credential:</div> <div dir="ltr" id="yui_3_16_0_ym19_1_1478256967956_3694">kinit <a class="moz-txt-link-abbreviated" href="mailto:x_xxxx@IPAWIN.LOCAL">x_xxxx@IPAWIN.LOCAL</a></div> <div dir="ltr" id="yui_3_16_0_ym19_1_1478256967956_3734"><br> </div> <div dir="ltr" id="yui_3_16_0_ym19_1_1478256967956_3733">Ideally I would not need or use the "@IPAWIN.LOCAL". <br> </div> <div dir="ltr" id="yui_3_16_0_ym19_1_1478256967956_3743"><br> </div> <div dir="ltr" id="yui_3_16_0_ym19_1_1478256967956_3744">Can anyone help?</div> <div dir="ltr" id="yui_3_16_0_ym19_1_1478256967956_3765"><br> </div> <div dir="ltr" id="yui_3_16_0_ym19_1_1478256967956_3766">Best regards,</div> <div dir="ltr" id="yui_3_16_0_ym19_1_1478256967956_3768">James Harrison<br> </div> </div> </div> </blockquote> <br> <fieldset class="mimeAttachmentHeader"></fieldset> <br> </blockquote> <br> </body> </html>