Jimmy wrote:
Just curious about this, the guide that we both refer to provides
instructions for a windows client authentication but this page indicates
that FreeIPA doesn't support windows clients:


Which is correct?

The guide you referred to was contributed by another FreeIPA user showing one way to get Windows login working. It does this by mapping all IPA users to a single windows user (ipauser).

This is not practical for most installations so we don't recommend it.

The roadmap for the next major release of FreeIPA adds AD trust so the IPA realm can be trusted as part of an AD forest.


On Tue, Sep 13, 2011 at 4:08 PM, Rob Crittenden <rcrit...@redhat.com
<mailto:rcrit...@redhat.com>> wrote:

    Jimmy wrote:

        I'm setting up a WinXP system to authenticate to FreeIPA. I
        followed the
        directions listed here:

        I created the host account in FreeIPA, and the user, and I do get
        prompted to change the initial password(and it seems to work,)
        but as
        soon as the password is changed(or subsequent login attempts) I
        get the
        log in message"
        "the system cannot log you on now because the domain is not

    The guide says this happens when you don't log in using the
    principal name, are you using that?


Freeipa-users mailing list

Reply via email to