On pe, 08 marras 2019, Ronald Wimmer via FreeIPA-users wrote:
I think I know where to take a closer look.
I have 2 IPA servers, let's call them ipaA and ipaB. On ipaA
everything works without any problems. On ipaB I cannot resolve AD
users.
The "ipa trust-add" command has only been issued on ipaA. Some time
ago I read about trust controllers and trust agents on https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/windows_integration_guide/active-directory-trust
Are these assumptions true:
- ipaA became a trust controller by issuing the "ipa trust-add" command
- ipaB will have to be configured as trust agent
Correct. By running ipa-adtrust-install --add-agents on ipaA, you can
add ipaB to the set of trust agents.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
