On Wed, Feb 10, 2016 at 08:41:15AM +0530, Supratik Goswami wrote:
> I am currently running IPA server 4.2 in RHEL 7.2 and I have created a
> two-way trust between
> my Windows AD and IPA server.
> 
> I have a heterogeneous environment where I have Windows, Linux and Mac
> clients.
> 
> The Windows users are present in AD and they can access the resources under
> IPA through the trust relationship.
> 
> What are the pros and cons
> 
> 1. When I create Linux and Mac users in the AD.

I'd say the management might be a slightly more complex than native IPA
users due to having to use the IPA external groups to nest AD users and
groups into IPA groups and eventually IPA policy resources like sudo
rules or HBAC rules.

> 
> 2. When I create Linux and Mac users in IPA

Even though the trust is described as two-way, it is really not possible
to access Windows resources or log in to Windows computers for IPA
users.

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to