Hi Dan
> With a one-way trust from FreeIPA 4.4 to Active Directory on WinServ2012r2, I
> am
> trying to use FreeIPA LDAP for user authentication.
> Is that supposed to work?
In the way you have described it, no. AD users/groups will not be in the
FreeIPA LDAP. So attempting to authenticate a Windows user by pointing an LDAP
client at a FreeIPA server will fail.
Installing the FreeIPA client on a Linux host and enrolling it in an IPA domain
with a trust to an Active Directory domain will allow you to authenticate
Windows users on the Linux host. This is done using SSSD, among other things.
Regards,
j
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
