subject:"\[Freeipa\-users\] Can kerberos SSSD provider be used against IPA"

Re: [Freeipa-users] Can kerberos SSSD provider be used against IPA

2017-03-04 Thread Jakub Hrozek

On Fri, Mar 03, 2017 at 07:10:40PM -0500, William Muriithi wrote:
> Hello,
> 
> I just came across this document.
> 
> https://www.susecon.com/doc/2015/sessions/TUT19343.pdf
> 
> If you look at page 8, that diagram imply that kerberos provider can
> only be used against active directory back end.

The AD and IPA authentication providers are more or less wrappers around
the Kerberos provider with some extra options such as the support for
enterprise principals.

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] Can kerberos SSSD provider be used against IPA

2017-03-04 Thread Andrew Holway

Hi William,

SSSD and FreeIPA have been developed in tandem by pretty much the same
group from Redhat and are both part of the Fedora project (upstream RHEL).
It's unsurprising that SUSE are not mentioning FreeIPA because it is a core
component of RHEL marketed as IDM (
https://access.redhat.com/products/identity-management).

SSSD can be used to authenticate against many providers. AD and IPA are
just two examples.

Cheers,

Andrew
(no I'm not affiliated with Redhat :)

On 4 March 2017 at 01:10, William Muriithi 
wrote:

> Hello,
>
> I just came across this document.
>
> https://www.susecon.com/doc/2015/sessions/TUT19343.pdf
>
> If you look at page 8, that diagram imply that kerberos provider can
> only be used against active directory back end.
>
>
> However, this Redhat article below recommended the solution above for
> an IPA setup. See the third page from the bottom.
>
> http://people.redhat.com/steved/Summits/Summit13/Summit_Handout13.pdf
>
> Would anyone be able to comment about the inconsistency? Both articles
> come from a reliable source, so not sure how to make of it.
>
> Regards,
> William
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
>
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] Can kerberos SSSD provider be used against IPA

Re: [Freeipa-users] Can kerberos SSSD provider be used against IPA

2 matches

Site Navigation

Mail list logo

Footer information