I have a setup where we have four IPA servers. Two of them are able to
talk to the AD Domain Controllers directly. I set them up as AD Trust
controllers.
The other two IPA servers can only talk to these IPA servers and not to
the AD DCs directly. Thats why I wanted them to have the Trust Agent
Role only.
I used "ipa-adtrust-install --add-agents" on these servers. After
configuring the roles and finishing the setup I did a "ipa
server-role-find" to check if the roles where set correctly. I found out
that all four IPA servers do have the Trust Controller role. And here
comes my question... why? Why have the two servers been added as trust
controllers and not as agents only?
Cheers,
Ronald
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue