Re: [Freeipa-users] Possible for system to be member of both IPA domain and AD domain?

2015-03-03 Thread Dmitri Pal

On 03/03/2015 02:24 PM, Erinn Looney-Triggs wrote:

> Before I go charging down this path too far, I wanted to figure out whether it
> is possible for a RHEL 7 system to be a member of both an IPA domain and a
> separate AD domain?
>
> At this point trusts are not established between IPA and the AD, this will
> happen around the 7.1 release, however, I would like the system to use IPA for
> auth of things like ssh and the AD domain for auth of CIFS/SMB shares via
> samba 4.
>
> Is this possible? Anyone know? Seems like it should be.

It might be possible with some configuration hacks but we have not done
them so it is not known. I suspect that the challenge will be making
sure that SSSD and winbind do not step on each other regarding users.

7.1 will allow you to do what you want via trust so it would be safer to
wait a bit for it than to try to hack something with questionable
probability of success.

> -Erinn

--
Thank you,
Dmitri Pal

Sr. Engineering Manager IdM portfolio
Red Hat, Inc.

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Re: [Freeipa-users] Possible for system to be member of both IPA domain and AD domain?

2015-03-03 Thread Dmitri Pal

On 03/03/2015 02:54 PM, Erinn Looney-Triggs wrote:

> On Tuesday, March 03, 2015 02:41:58 PM Dmitri Pal wrote:
>> On 03/03/2015 02:24 PM, Erinn Looney-Triggs wrote:
>>> Before I go charging down this path too far, I wanted to figure out
>>> whether it is possible for a RHEL 7 system to be a member of both an IPA
>>> domain and a separate AD domain?
>>>
>>> At this point trusts are not established between IPA and the AD, this will
>>> happen around the 7.1 release, however, I would like the system to use IPA
>>> for auth of things like ssh and the AD domain for auth of CIFS/SMB shares
>>> via samba 4.
>>>
>>> Is this possible? Anyone know? Seems like it should be.
>>
>> It might be possible with some configuration hacks but we have not done
>> them so it is not known. I suspect that the challenge will be making
>> sure that SSSD and winbind do not step on each other regarding users.
>>
>> 7.1 will allow you to do what you want via trust so it would be safer to
>> wait a bit for it than to try to hack something with questionable
>> probability of success.
>>
>>> -Erinn
>
> Are you questioning my hacking skills ;)

No, just being mindful of your time.

> Thanks for the info, it looked possible but difficult, 7.1 should be out real
> soon now (tm), I'll wait.

Yep

> -Erinn

--
Thank you,
Dmitri Pal

Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
