[Freeipa-users] Re: One way trust between 2 different freeipa servers
On ma, 11 joulu 2017, Andrew Radygin via FreeIPA-users wrote: It's really interesting question, I'd like to know it too. 2017-12-11 5:38 GMT+03:00 Anvar Kuchkartaev via FreeIPA-users < freeipa-users@lists.fedorahosted.org>: Hello I would like to setup one way trust between 2 different freeipa structures which belongs to different companies. The stucture is: Company A has own freeipa structures with replicas etc. with domain companya.com. Company B has own freeipa domain independent from company A (let's say companyb.com). I would like to allow company A administrators to be able to access company B machines and also to be able to setup access rules, sudo rules from company A freeipa server to limit access of own users to company B machines too (for support reasons) meanwhile company B do not have access to company A machines. Is it possible to achieve this? Currently there is no support for IPA-IPA trust at all. -- / Alexander Bokovoy ___ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
[Freeipa-users] Re: One way trust between 2 different freeipa servers
It's really interesting question, I'd like to know it too. 2017-12-11 5:38 GMT+03:00 Anvar Kuchkartaev via FreeIPA-users < freeipa-users@lists.fedorahosted.org>: > Hello I would like to setup one way trust between 2 different freeipa > structures which belongs to different companies. The stucture is: > Company A has own freeipa structures with replicas etc. with domain > companya.com. Company B has own freeipa domain independent from company A > (let's say companyb.com). I would like to allow company A administrators > to be able to access company B machines and also to be able to setup access > rules, sudo rules from company A freeipa server to limit access of own > users to company B machines too (for support reasons) meanwhile company B > do not have access to company A machines. Is it possible to achieve this? > > Anvar Kuchkartaev > an...@aegisnet.eu > > ___ > FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org > To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org > > -- Best regards, Andrew. ___ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org