> Well, at the moment we only set up a two way trust > but the windows admins would certainly be able to delete the outgoing > trust right after it is created, it should cause trouble for win users > that want to access ipa hosts. > > We may take an RFE about creating only a one way trust, but it won't be > there by 3.0 I think. >
Gotcha - I know here I'll probably end up with a requirement for windows users to access one or more of my linux systems (and web interfaces) with their windows AD credentials but there is no way the Windows team (or IT Security) would want my users in IPA to be able to log into the windows clients etc in the enterprise. _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users