On Thu, 05 Feb 2015, Nicolas Zin wrote:
Hi,

is it possible to create a one way AD trust relationship with FreeIPA/IDM 3.3?
No.

- From Windows I created an incoming one-way trust relationship, with a 
trust-secret
- on Linux I use the trust-secret with ipa: ipa trust-add --type=ad 
ipawindows.mtl.sfl --trust-secret

everything seems to be fine, but when I try
kinit administra...@ipawindows.mtl.sfl
kinit: KDC reply did not match expectations while getting initial credentials

I tried others ways, but I wonder if it is possible to have a one-way trust 
relationship?
One-way trust is not supported yet. I'm in the process of writing a
set of design documents and opening tickets for various missing parts.
We hope to get it done within the scope of FreeIPA 4.2.

--
/ Alexander Bokovoy

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Reply via email to