On 04/28/2016 04:44 PM, Matrix wrote: > Hi, all > > I am trying to do a centrelized solution > > AD domain is 'examplemedia.net' > > IPA domain is 'example.net' > > After ipa-replica has been established, i found that nothing has been synced > from AD to IPA. > > IPA version: ipa-server-4.2.0-15.0.1.el7.centos.6.1.x86_64 > > I doubt that for different suffix is supported ? If so, anyone can show some > hint for me to investigate more? > > Thanks for your kindly help. > > Matrix
Hello, what is your goal and current setup? By "ipa-replica has been established" do you mean that you installed a new currently standalone IPA server? And connected it somehow with AD? Or did you run `ipa-replica-manage connect --winsync ...` It would be good to mention that IPA server[1] cannot be a replica of an AD server. But it can integrate with it. Either by using winsync(synchronization) or the recommended solution: Trusts [2]. Documentation: [1] https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/index.html [2] https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Windows_Integration_Guide/pt02.html HTH -- Petr Vobornik -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project