Hi Dan > With a one-way trust from FreeIPA 4.4 to Active Directory on WinServ2012r2, I > am > trying to use FreeIPA LDAP for user authentication.
> Is that supposed to work? In the way you have described it, no. AD users/groups will not be in the FreeIPA LDAP. So attempting to authenticate a Windows user by pointing an LDAP client at a FreeIPA server will fail. Installing the FreeIPA client on a Linux host and enrolling it in an IPA domain with a trust to an Active Directory domain will allow you to authenticate Windows users on the Linux host. This is done using SSSD, among other things. Regards, j
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project