I'm planning implementing a IPA server at a site where there is allready a
working Active directory domain.
I would still like the machines from AD and IPA live in the same DNS domain.
AD Domainname = foo.bar
AD KERBEROS realm = FOO.BAR
a Host principal would look like: host/host1.foo....@foo.bar
Now i would like to introduce the IPA server under a different realm name but
for the same DNS name.
IPA domainname = foo.bar
IPA KERBEROS realm = LINUX.FOO.BAR (or what ever)
a Host principal would look like: host/host2.foo....@linux.foo.bar
So basicly i would register the hostnames / PTR records in the microsoft DNS
and use the IPA kerberos REALM for authentication.
Am i making any sense? is this asking for a world of hurt?
Freeipa-users mailing list