Hello, New to list. This is kind of a followup to the post here: https://www.redhat.com/archives/freeipa-users/2015-January/msg00351.html
We are one of the odder shops that runs almost entirely linux, but the need to support some windows stuff that requires AD has come up. We have things setup as domain.com (NetBIOS name: DOM), with ipa.domain.com and ipa-replica.domain.com. We just added win.domain.com with a windows DC on ad.win.domain.com (NB Name: WIN). We are running EL 6.7/ipa 3.0.0. we got the trust setup working, can confirm we can mount (tesT) shares from IPA to windows domain, can login to the linux boxes with windows user credentials, but have been unable to figure out how to login to the windows boxes with ipa credentials (this was really our primary use case, as everything is managed in IPA and hits it for authentication, we were hoping to not have to manage 2 sets of accounts for the people needing windows, two places to update passwords, etc.). Is there support for bidirectional login in newer FreeIPA? I found the above thread that seemed to suggest you could not use IPA credentials for logging into the windows domain. Has this changed at all? We would be willing to look at upgrading to EL7 (or, id rather not, but even Fedora Server, if we can get this feature). If not is it down the pipeline? Thanks!
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
