Hi all,

TLDR - Is it possible to sync users FROM FreeIPA TO 'AD'

I've started introducing FreeIPA into our network (which is currently LDAP with 
linux clients) and migration client servers to authenticate against FreeIPA 
(which has been working great).

In the past couple of weeks, we were forced to setup a couple of Windows 
servers, so AD seemed like a good improvement (for getting centralised 
authentication against our Windows workstations).

I have read tonnes of information about setting up Trusts between FreeIPA and 
AD (and got a Trust itself working) and winsync using ipa-replica-manage, which 
said it was working.
Although from all this testing, I cannot seem to get a solution working for 
user synchronisation (or trusting) for authentication on Windows clients for 
FreeIPA users. Either having users synced from FreeIPA to AD to have them 
authenticate through the AD through a Forest Trust.
FWIW, I'm using CentOS 7 with FreeIPA 4  (tried Ubuntu 16.04, but couldn't get 
Trust established at all) and Server 2012 for AD.
I also can't see anyone else doing it this way round... is what I'm trying to 
do impossible?

Thanks in advanced for any help

Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to