Hi, folks,

     We've got a small shop with around a hundred RHEL boxes and a small
user base currently authenticating against LDAP using one user naming
scheme. Our plan is to migrate these to FreeIPA (actually Red Hat IdM) with
a one-way trust with AD using a different naming scheme. I'm trying to
juggle in my head exactly how to sequence the needed activities to do this.

     What I'd like to do is this, which I believe will require a moratorium
on user logons:

     1) Provision IdM manually with new usernames and old UIDs.
     2) Rename and chown home directories on the servers.
     3) Join the servers to FreeIPA (IdM).
     4) Establish a one-way trust with AD.

     This seems like the logical course of events, but the gap between 3
and 4 worries me.

Thanks,

     John A

-- 
John Adams
Senior Linux/Middleware Administrator  | Information Technology Services
+1-501-916-3010 | jxad...@ualr.edu | http://ualr.edu/itservices
*UA Little Rock*
