Re: [Freeipa-users] FreeIPA ActiveDire​ctory Integratio​n: Managing AD Users in IPA

2014-09-13 Thread Dmitri Pal
On 09/13/2014 05:27 PM, Gregor Bregenzer wrote: Hi! There are two ways that you can use to integrate FreeIPA with AD: a.) trust b.) synchronization Here are the pros/cons for both of them: http://www.freeipa.org/docs/master/html-desktop/index.html#trust-sync If you want to manage POSIX attribu

Re: [Freeipa-users] FreeIPA ActiveDire​ctory Integratio​n: Managing AD Users in IPA

2014-09-13 Thread Gregor Bregenzer
Hi! There are two ways that you can use to integrate FreeIPA with AD: a.) trust b.) synchronization Here are the pros/cons for both of them: http://www.freeipa.org/docs/master/html-desktop/index.html#trust-sync If you want to manage POSIX attributes for each user can do that with either identity

Re: [Freeipa-users] FreeIPA ActiveDire​ctory Integratio​n: Managing AD Users in IPA

2014-09-13 Thread Dmitri Pal
On 09/13/2014 04:03 PM, Traiano Welcome wrote: Hi List Currently I have a stable trust relationship going between IPA and Windows AD. I create users and manage passwords in AD, but want to manage the rest in IPA, "the rest" being default shell, default home directory settings, RBAC, HBAC, Seli

[Freeipa-users] FreeIPA ActiveDire​ctory Integratio​n: Managing AD Users in IPA

2014-09-13 Thread Traiano Welcome
Hi List Currently I have a stable trust relationship going between IPA and Windows AD. I create users and manage passwords in AD, but want to manage the rest in IPA, "the rest" being default shell, default home directory settings, RBAC, HBAC, Selinux etc .. What I'm expecting it to be able to lo

Re: [Freeipa-users] FreeIPA ActiveDirectory Integration, Fedora and Windows 2008 R2 AD: "ipa: ERROR: an internal error has occurred"

2014-09-13 Thread Alexander Bokovoy
On Sat, 13 Sep 2014, Traiano Welcome wrote: On Sat, Sep 13, 2014 at 7:03 PM, Alexander Bokovoy wrote: On Sat, 13 Sep 2014, Traiano Welcome wrote: Hi I've managed to get trusts working with CentOS 7 as an IdM server, Win2K8R2 AD DC and CentOS6.5 as a client, using the exact same series of st

Re: [Freeipa-users] FreeIPA ActiveDirectory Integration, Fedora and Windows 2008 R2 AD: "ipa: ERROR: an internal error has occurred"

2014-09-13 Thread Traiano Welcome
On Sat, Sep 13, 2014 at 7:03 PM, Alexander Bokovoy wrote: > On Sat, 13 Sep 2014, Traiano Welcome wrote: > >> Hi >> >> I've managed to get trusts working with CentOS 7 as an IdM server, >> Win2K8R2 >> AD DC and CentOS6.5 as a client, using the exact same series of steps as >> in >> the documentati

Re: [Freeipa-users] FreeIPA ActiveDirectory Integration, Fedora and Windows 2008 R2 AD: "ipa: ERROR: an internal error has occurred"

2014-09-13 Thread Alexander Bokovoy
On Sat, 13 Sep 2014, Traiano Welcome wrote: Hi I've managed to get trusts working with CentOS 7 as an IdM server, Win2K8R2 AD DC and CentOS6.5 as a client, using the exact same series of steps as in the documentation. Attached is the process I used. You got one step wrong: =

Re: [Freeipa-users] FreeIPA ActiveDirectory Integration, Fedora and Windows 2008 R2 AD: "ipa: ERROR: an internal error has occurred"

2014-09-13 Thread Traiano Welcome
Hi I've managed to get trusts working with CentOS 7 as an IdM server, Win2K8R2 AD DC and CentOS6.5 as a client, using the exact same series of steps as in the documentation. Attached is the process I used. I'll continue testing RHEL7 and Fedora 20.1 and submit a bug report if necessary. Thanks