On ti, 22 joulu 2020, Juarez Souza Junior wrote:
Hi Alexander, thanks for answering.
I want to deploy a freeipa server for each domain (app.test.local,
dev.test.local, sec.test.local and etc) but with the same realm for users
to have the same user database between the servers.
Could it be possible?
Do not drop the mailing list.
I already answered your question. Please search the mailing list
archives for additional details if you did not understand the answer I
gave _after_ the reference to the archives.
Em ter., 22 de dez. de 2020 Ã s 11:22, Alexander Bokovoy <aboko...@redhat.com>
escreveu:
On ti, 22 joulu 2020, Juarez Souza Junior via FreeIPA-users wrote:
>Hi All! So I'm trying to deploy FreeIPA Servers (with integrated DNS
>Server) in a domain and subdomain with the same user realm.
>Anyone knows if it would be possible to deploy FreeIPA servers in
different
>domains but sharing the same realm?
>How could I deploy a replica without enrolling it to the same domain of
the
>master server?
>For example:
>IPA Server -> realm: TEST.LOCAL domain: test.local (10.1.1.0/24)
>REPLICA -> realm: TEST.LOCAL domain: app.test.local (10.1.2.0/24)
>
>My problem is: I'm working on a project where I have multiple domains
(app,
>sec, dev and etc) and I need centralized user authentication for each
>domain zone.
>
>I did some test labs without success. (mainly with the replica)
>
>I hope someone could give me a direction.
What exactly did you try?
Look at this list archives, this is one of often asked questions. You
*should not* specify --domain option to ipa-client-install to be your
client's domain: e.g. not --domain=app.test.local but instead
--domain=test.local. The hostname can be in any domain, as long as that
domain zone exists in DNS and if that domain zone is not managed by IPA
DNS server, then the host-to-be-enrolled hostname exists in that zone.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
--
Atenciosamente,
Juarez Souza Junior
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
