On Mon, 03 Nov 2014, Roman Naumenko wrote:
Roman Naumenko said the following, on 02-11-14, 22:20:

Similar question was asked already, " Limiting group/user visibility" at https://www.redhat.com/archives/freeipa-users/2011-November/msg00277.html but other than this I couldn't find any clues if that's possible.

If I was to manage separate organizations with own users, computers and other entries in one ipa server - would such scenario be possible?
I found relevant information, at least about directory structure, in red hat directory server docs:

Since RH package is based on 389 directory server, which is part of freeipa - I wonder if its possible to maintain independent root suffixes?
While 389-ds does support multiple root suffixes, FreeIPA management
tools, Kerberos DAL driver, access control setup and other components do
not support multi-tenancy.

/ Alexander Bokovoy

Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project

Reply via email to