[Freeipa-users] Re: AD trust and external services
On ke, 15 marras 2017, Николай Савельев wrote: Can I get AD users from ipa wia ldap? Yes, you sort of can. Learn about 'legacy clients support' in Windows Integration Guide. However, it will not help you with Owncloud / Zimbra / etc. because most of those applications expect to have mail attribute which you will not be able to retrieve with LDAP from IPA for AD users. So, don't spend your time on chasing wrong target. -- / Alexander Bokovoy ___ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
[Freeipa-users] Re: AD trust and external services
Can I get AD users from ipa wia ldap? 15.11.2017, 17:13, "Alexander Bokovoy" : > On ke, 15 marras 2017, Николай Савельев via FreeIPA-users wrote: >> Hello. >> >> I install AD trust. It works normally. >> >> I setup owcloud by this docs >> http://www.freeipa.org/page/Owncloud_Authentication_against_FreeIPA >> >> But i dont undestand how get all users from freeipa and ad for owncloud. >> >> By instructions i getting only ipa users. I also can get only AD users. >> >> How can I get all users together? >> >> Same situation is whith openfire, zimbra > > Basically, you need to avoid using LDAP directly and instead start using > an Identity Provider like ipsilon or Keycloak (RH SSO). Owncloud and > NextCloud both have support for SAML-based authentication which both > ipsilon and Keycloak provide. > > I know that Zimbra also supports SAML authentication. > > -- > / Alexander Bokovoy -- С уважением, Николай. ___ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
[Freeipa-users] Re: AD trust and external services
On ke, 15 marras 2017, Николай Савельев via FreeIPA-users wrote: Hello. I install AD trust. It works normally. I setup owcloud by this docs http://www.freeipa.org/page/Owncloud_Authentication_against_FreeIPA But i dont undestand how get all users from freeipa and ad for owncloud. By instructions i getting only ipa users. I also can get only AD users. How can I get all users together? Same situation is whith openfire, zimbra Basically, you need to avoid using LDAP directly and instead start using an Identity Provider like ipsilon or Keycloak (RH SSO). Owncloud and NextCloud both have support for SAML-based authentication which both ipsilon and Keycloak provide. I know that Zimbra also supports SAML authentication. -- / Alexander Bokovoy ___ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
