----- Original Message -----
> Hello,
> I'm trying to build trust between FreeIPA and Windows Server 2008R2.
> It is said that FreeIPA uses samba as the AD server, but I found
> that 389 Directory Server is also installed. So which is used as the
> directory service for FreeIPA. If it is samba, why 389 Director
> Server is needed?

Hi Tengda,
FreeIPA uses some samba components to handle windows specific operations, but 
does NOT uses Samba as an AD server. In fact FreeIPa is not an AD compatible 
server and you cannot join Windows machines to it.

This is why we focused on trusts relationships.
Our model is based on keeping Windows and Linux machines separate. Windows 
machine will use their native AD enviornment, while Linux machine are joined to 
the FreeIPA domain and have linux-oriented management options not availbel in 
AD domains (HBAC, SElinux integration, netgroups, sudo integration and so on..).

389 Directory server i the informations tore for the FreeIPA server and all 
services use it to store/read data.

HTH,
Simo.

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to