On Thu, 2011-05-26 at 05:51 +0000, Steven Jones wrote:
> Quickly as Im late.
> We are setting up cross realm from AD to a school who runs MIT Kerberos with 
> openldap underneath....A windows client in our domain can then connect to a 
> school resource where its connected to the school's centralised setup....
> So its possible, yes.
> Not with freeipa from what Ive seen posted, yet...next version I am assuming 
> so.

Freeipa does not give you UI or tools to do it, although creating a
Kerberos trust is a very simple matter using kadmin.local to create the
proper principals.

Everything else would work like in the Kerberos+openldap setup in the
school you meantion.

So it is technically possible, we simply do not yet make it easy for you
by providing wrappers.


Simo Sorce * Red Hat, Inc * New York

Freeipa-users mailing list

Reply via email to