HI! I've got some thoughts on 4-th point: there is a http://pgina.org/ pgina project, may be them are able to do such thing.
20.02.2014 04:23, Dmitri Pal пишет: > Hello, > > I want to summarize our position regarding joining Windows systems > into IPA. > > 1) If you already have AD we recommend using this system with AD and > using trusts between AD and IPA. > 2) If you do not have AD then use Samba 4 instead of it. It would be > great when Samba 4 grows capability to establish trusts. Right now it > can't but there is an effort going on. If you are interested - please > contribute. > 3) If neither of the two options work for you you can configure > Windows system to work directly with IPA as described on the wiki. It > is an option of last resort because IPA does not provide the services > windows client expects. If this is good enough for you, fine by us. > 4) Build a native Windows client (cred provider) for IPA using latest > Kerberos. IMO this would be really useful if someone does that because > we will not build this ourselves. With the native OTP support in IPA > it becomes a real business opportunity to provide a native 2FA inside > enterprise across multiple platforms. But please do it open source way > otherwise we would not recommend you ;-) > > _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
