> With a one-way trust from FreeIPA 4.4 to Active Directory on WinServ2012r2, I
> trying to use FreeIPA LDAP for user authentication.
> Is that supposed to work?
In the way you have described it, no. AD users/groups will not be in the
FreeIPA LDAP. So attempting to authenticate a Windows user by pointing an LDAP
client at a FreeIPA server will fail.
Installing the FreeIPA client on a Linux host and enrolling it in an IPA domain
with a trust to an Active Directory domain will allow you to authenticate
Windows users on the Linux host. This is done using SSSD, among other things.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project