In a similar vein, is anyone aware of a (safe) automated work-around that can
periodically map users into localized Windows accounts? I am conceptualizing
some sort of powershell script involving a query to 389DS, but automating any
form of account management that way sounds moderately terrifying, and may be
out of the scope of this mailing list.
Paul C. Arnold
IT Systems Engineer
Cole Engineering Services, Inc.
From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on
behalf of Petr Spacek [pspa...@redhat.com]
Sent: Thursday, October 01, 2015 03:15 AM
Subject: Re: [Freeipa-users] Trust Issues W/ Logins on Windows Desktops
This email was sent from a non-Department of Defense email account, and
contained active links. All links are disabled, and require you to copy and
paste the address to a Web browser. Please verify the identity of the sender,
and confirm authenticity of all links contained within the message.
Unfortunately you will not be able to log into Windows workstations using IPA
users because FreeIPA is (at the moment) missing Global Catalog component
which prevents Windows from working with IPA users.
It should work the other way around, but there is nothing you can do at the
moment to make it working with IPA users in Windows. Global Catalog is several
months away in the best case.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project