The documentation on this is pretty good. Basically, you can ’trust’ AD from FreeIPA, which means the users from AD can be used in IPA. Groups too. Passwords must be set and reset in AD, but everything you need for Linux (SSH keys, host rules etc) can be done in IPA.
https://www.freeipa.org/page/Active_Directory_trust_setup > On 7 Mar 2019, at 18:34, Kristian Petersen via FreeIPA-users > <[email protected]> wrote: > > Hello, > > Where I work we are a small shop. We are currently using just FreeIPA for > authentication and DNS and other Linux management stuff that it does for us. > We have enough Windows workstations now that it would be really nice to be > able to manage those like we can our Linux stuff. From what I have read thus > far, it seems that if you use FreeIPA with AD AD is the primary user store > and FreeIPA kind of takes a back seat. I am looking for some help in better > understanding the implications of using FreeIPA along with AD. Is there > someone who could help me unravel this a bit or point me at some good > resources? > > -- > Kristian Petersen > System Administrator > BYU Dept. of Chemistry and Biochemistry > _______________________________________________ > FreeIPA-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
