On 12/12/2014 12:36 AM, Eldo Joseph wrote:
Are you saying that you have different IPA domains that are not
connected and you need to be able to log into a host from different domains?
I have requirement to access the service under different IPA servers,
can some one help me on this...
IPA Servers are running on V3.
If so you need:
a) Decide which domain is the primary domain for the host.
b) Join the host to the second domain
c) Manually configure the second authentication domain in sssd.
I am not sure whether the IPA back end would work. It might be worth a try.
If you configure the second back end as LDAP or LDAP + Kerberos it
should be fine.
Ask on SSSD list for more help if needed.
You need to make sure that your:
- UIDs do not overlap between domains
- you use FQDN for users when login
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project