Hi everyone, first post, hope the question is not too dumb and this is the right list.
I’m trying to use IPA in the way the RHEL Windows Integration Guide describes it in the one-way-trust setup (indirect integration, using AD for auth, IPA for policies). However, I’m hitting a wall since at one point you have to provide AD Admin credentials (setting up the agreement) which I don’t have/won’t have. Question: Are there other ways to get the (almost) same result w/o having admin access to AD? * Some 2 years back Dmitri Dal made a comment here which seems to point into that direction https://pagure.io/freeipa/issue/4546 but I wasn’t able to find anything in the official documentation or elsewhere and that issue has been closed as fixed. As of now I only see recreating all the users/groups from AD in IPA w/o any connectivity in between as one option, which would be ok but not very elegant and users have to deal with another password. Is it possible to use SSSD with AD as auth/idprovider and IPA for policies (something like shown in the modern integration option image here but with policies fetched from IPA: http://rhelblog.redhat.com/2015/02/04/overview-of-direct-integration-options/)? thanks, jgeo
_______________________________________________ FreeIPA-users mailing list -- firstname.lastname@example.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org