On Wed, Feb 03, 2016 at 11:17:46AM -0600, Josh Pospisil wrote:
> I have successfully set up a trust between AD (windows server 2012) and
> freeIPA following this guide:
> My hope in doing this was to allow the users I have created on the freeIPA
> server to logon to our windows computers without recreating all of the
> users in AD, but this is not working. Can anyone verify whether or not
> this should be true or does the trust only work the opposite direction? If
> it should be true, can anyone offer any tips for troubleshooting?
no, this is currently not possible because a Global Catalog is needed
on the FreeIPA side. This is currently work-in-progress and tracked by
> When I try to verify the trust on the AD server, I get the following error:
> "There are currently no logon servers available to service the logon
> Dns was setup as described in the guide above.
Did you open all the firewall ports listed at the end of
> Thanks in advance for any help.
> Manage your subscription for the Freeipa-users mailing list:
> Go to http://freeipa.org for more info on the project
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project