Hi, Subnet? IP addressing will not matter its DNS as the main issue, for me anyway., I cant see IP / sunbets matter?
So, yes if you have AD as the same realm as IPA then only one will work well from what I can read, IPA has to have its neat auto-discovery/balancing features turned off, or at least hobbled. So, as an example I have vuw.ac.nz as the AD DNS domain/ kerberos realm and then unix.vuw.ac.nz as the sub-domain/sub kerberos realm, with AD delegating DNS to the IPA servers. This way the unix domain is "independent but referenced... eg I find the auto-discovery is working fine... So windows clients talk to AD directly, linux clients talk to IPA directly, if the linux clients need to DNS the IPA servers get that for them from AD..... I have some visio diagrams of how I have done it if you want them....it may not be the best way? but with so little architecture info available its all I have. regards Steven Jones Technical Specialist - Linux RHCE Victoria University, Wellington, NZ 0064 4 463 6272 ________________________________ From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on behalf of Brian Cook [bc...@redhat.com] Sent: Friday, 24 February 2012 9:59 a.m. To: freeipa-users@redhat.com Subject: [Freeipa-users] need info on AD / IPA coexistence I have heard that we currently have problems with IPA and AD existing on the same subnet, possibly only when using AD as DNS servers, possibly even when the realm names are different. I have not been able to find good concrete information or BZ's regarding this. I am looking for clarification as to what problems exist, why, is it a bug or just a fact, is it our bug our is it a MS-AD issue, etc. I need to understand what is going on as I have customers who are looking to deploy mixed IPA / AD environments. Any help or information would be appreciated. Thanks, Brian --- Brian Cook Solutions Architect, West Region Red Hat, Inc. 407-212-7079 bc...@redhat.com<mailto:bc...@redhat.com> _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users