TLDR - Is it possible to sync users FROM FreeIPA TO 'AD'
I've started introducing FreeIPA into our network (which is currently LDAP with
linux clients) and migration client servers to authenticate against FreeIPA
(which has been working great).
In the past couple of weeks, we were forced to setup a couple of Windows
servers, so AD seemed like a good improvement (for getting centralised
authentication against our Windows workstations).
I have read tonnes of information about setting up Trusts between FreeIPA and
AD (and got a Trust itself working) and winsync using ipa-replica-manage, which
said it was working.
Although from all this testing, I cannot seem to get a solution working for
user synchronisation (or trusting) for authentication on Windows clients for
FreeIPA users. Either having users synced from FreeIPA to AD to have them
authenticate through the AD through a Forest Trust.
FWIW, I'm using CentOS 7 with FreeIPA 4 (tried Ubuntu 16.04, but couldn't get
Trust established at all) and Server 2012 for AD.
I also can't see anyone else doing it this way round... is what I'm trying to
Thanks in advanced for any help
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project