You can, but only if you use hybrid Azure AD and have an AD DC to connect to. But then he problem becomes ‘who created the forest’. If you join in to an AAD ‘forest’ you still can’t create a trust. So far I’ve only had implementations where the AD domains and forests were ‘classic’ and only connected to AD later on.
Regards, John > On 29 Aug 2020, at 10:16, Jonathan Aquilina via FreeIPA-users > <freeipa-users@lists.fedorahosted.org> wrote: > > Hi Alexander, > > That is correct it is a hosted solution from microsoft. > > What I do find interesting is you can have a VM in azure running AD that > connects to Azure AD. Is it possible from freeipa to connect to a cloud based > VM that is running AD? > > Regards, > Jonathan > > > -----Original Message----- > From: Alexander Bokovoy <aboko...@redhat.com> > Sent: 28 August 2020 14:30 > To: FreeIPA users list <freeipa-users@lists.fedorahosted.org> > Cc: Jonathan Aquilina <jaquil...@eagleeyet.net> > Subject: Re: [Freeipa-users] Integration of freeipa into an azure AD based > infrastructure > > On pe, 28 elo 2020, Jonathan Aquilina via FreeIPA-users wrote: >> Afternoon all, >> >> I am just wondering does free ipa have the ability to integrate with azure >> >> AD based infrastructure or is a proper active directory domain required? >> > > The latter is the case. My understanding is that internally Azure AD is a > hosted solution that does not allow consumers (AD instance admins) to have > enough privileges to control their own AD forest to establish a trust to a > separate forest. > > -- > / Alexander Bokovoy > Sr. Principal Software Engineer > Security / Identity Management Engineering Red Hat Limited, Finland > _______________________________________________ > FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org > To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
