the documentation states "[...] Client machines do not need to be in the same domain as FreeIPA servers. For example, FreeIPA may be a domain ipa.example.com and clients in domain clients.example.com, there just need to be a clear mapping between DNS domain and Kerberos realm. [...]"

Can clients be registered properly if the clients.example.com domain is an existing Active Directory domain which - of course - already has _kerberos entries in DNS?


Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to