I'm also interested in how people are handling this - especially when using AD Trusts.
When using a trust, the IPA host not only has to communicate with IPA servers, but with potentially every AD domain controller in your HUB site. For us, this is a large number of domain controllers which means we would need a large number of ACL's on our firewalls to permit the IPA DMZ client access to the AD domain controllers. Any suggestions? Thanks, Josh From: [email protected] [mailto:[email protected]] On Behalf Of Aly Khimji Sent: Wednesday, October 07, 2015 1:12 PM To: [email protected] Subject: [Freeipa-users] FreeIPA DMZ topology Hey guys, Question for you, would having a replica be the ideal solution for authorizing hosts in a DMZ? Do you have any use cases for DMZ access/authorization or topologies you can share for DMZ zones where FreeIPA is used? Aly
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
