On 6/24/20 2:01 PM, White, David via FreeIPA-users wrote:
We have IdM / FreeIPA running on RHEL 7 boxes.
This is a 6-node cluster that has an existing 1-way trust back to Active
Directory.
IdM is still acting as the CA for its own clients, and when we setup the trust,
we used the following com
> Trust to Active Directory does not rely on any CA certificate or certificate
> properties from Active Directory. Many Active Directory forests do not have
> integrated CA at all.
Thanks. That makes me feel a lot better about tonight.
> However, if you have deployed IPA CA as a sub-CA of existi
On ke, 24 kesä 2020, White, David via FreeIPA-users wrote:
We have IdM / FreeIPA running on RHEL 7 boxes.
This is a 6-node cluster that has an existing 1-way trust back to
Active Directory.
IdM is still acting as the CA for its own clients, and when we setup the trust,
we used the following co
On ke, 24 kesä 2020, Dominik Vogt via FreeIPA-users wrote:
For a test setup, we need to create a custom service running on a
server and a custom application running on the client. The
sample gss client/server from the Kerberos sources is used for
demonstration.
Setting this up with plain Kerb
We have IdM / FreeIPA running on RHEL 7 boxes.
This is a 6-node cluster that has an existing 1-way trust back to Active
Directory.
IdM is still acting as the CA for its own clients, and when we setup the trust,
we used the following command:
ipa trust-add --type=ad example.com --admin admin_user
For a test setup, we need to create a custom service running on a
server and a custom application running on the client. The
sample gss client/server from the Kerberos sources is used for
demonstration.
Setting this up with plain Kerberos is easy:
1. Create the service principal with
$ ad
On Wed, Jun 24, 2020 at 11:40:45AM +0200, Nathanaël Blanchet via FreeIPA-users
wrote:
> Hello,
>
> I manage two independant AD domains, and I set up a trust with my
> freeipa server (realm NAT.ABES.FR).
>
> The trust-add step is ok for both and trust are both seen as active
> directory trust
Hello,
I manage two independant AD domains, and I set up a trust with my
freeipa server (realm NAT.ABES.FR).
The trust-add step is ok for both and trust are both seen as active
directory trust:
2 trusts matched
Realm name: ACME.local Domain NetBIOS name: ACME Domain Secur