Hello!, I'm in a interop puzzle dilemma, hope you can help me out.
Currently all our user accounts are hosted in an Active Directory environment we don't own (another team handles that for us), acme.tld for this discussion. We're in the need to implement: - FreeIPA to handle our linux machine accounts and process/app users with ipa.domain.tld - FreeIPA (same as above or different cluster?) to handle external provider accounts with ext.domain.tld - Own AD Controllers to handle our Windows machines with ad.domain.tld The aim is: 1. Allow acme.tld users to access ipa.domain.tld machines. 2. Allow acme.tld users to access ad.domain.tld machines 3. Allow ext.domain.tld users to access ipa.domain.tld machines 4. Allow ext.domain.tld users to access ad.domain.tld machines 1 seems to be solved trusting acme.tld on FreeIPA side 2 seems to be solved trusting acme.tld on AD side Not sure how to solve 3 and 4, can you provide any recommendation?. Regards, CI.-
_______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
