Hi List Members,

I have a situation I am having a hard time getting a clean answer on.

I have a IDM/IPA domain setup and I have a trust setup with my Windows
domain. That part is working perfectly.

I have a one way forest transitive trust (outgoing) with a second windows
domain. I want users in this second domain to be able to authenticate to my
IDM/IPA domain. I was hoping that this would be possible through my
transitive trust with my primary windows domain.

When I issue the command ipa trust-fetch-domains for my primary domain I
get the response no new domains found. The second domain is never found.

Here is my question. Is this even possible without creating a trust with
the second domain directly? The documentation states that IPA will traverse
all trusts and add them. However I am starting to believe that reference is
for domains in only one forest. Can anyone clear up that point for me?

Regards,

Parth
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to