Re: [Freeipa-users] FreeIPA and AD trusts on the same DNS domain

2016-08-04 Thread Alston, David
are welcome, Simo. > --David Alston > > > -Original Message- > From: Simo Sorce [mailto:s...@redhat.com] > Sent: Wednesday, August 03, 2016 2:13 PM > To: Alston, David > Cc: freeipa-users@redhat.com > Subject: Re: [Freeipa-users] FreeIPA and AD trusts on the same DNS

Re: [Freeipa-users] FreeIPA and AD trusts on the same DNS domain

2016-08-04 Thread Simo Sorce
imo. > --David Alston > > > -Original Message- > From: Simo Sorce [mailto:s...@redhat.com] > Sent: Wednesday, August 03, 2016 2:13 PM > To: Alston, David > Cc: freeipa-users@redhat.com > Subject: Re: [Freeipa-users] FreeIPA and AD trusts on the same DNS domain >

Re: [Freeipa-users] FreeIPA and AD trusts on the same DNS domain

2016-08-04 Thread Petr Spacek
> > --David Alston > > > -Original Message- > From: Simo Sorce [mailto:s...@redhat.com] > Sent: Wednesday, August 03, 2016 2:13 PM > To: Alston, David > Cc: freeipa-users@redhat.com > Subject: Re: [Freeipa-users] FreeIPA and AD trusts on the same DNS domai

Re: [Freeipa-users] FreeIPA and AD trusts on the same DNS domain

2016-08-03 Thread Alston, David
ironment). Also, thanks for your other answers. They were very helpful :^) --David Alston -Original Message- From: Simo Sorce [mailto:s...@redhat.com] Sent: Wednesday, August 03, 2016 2:13 PM To: Alston, David Cc: freeipa-users@redhat.com Subject: Re: [Freeipa-users] FreeIPA and

Re: [Freeipa-users] FreeIPA and AD trusts on the same DNS domain

2016-08-03 Thread Simo Sorce
On Wed, 2016-08-03 at 13:52 -0500, Alston, David wrote: > Greetings! > > That sounds like great news! Just to make sure I understand correctly.. > > 1. Any server managed by FreeIPA must NEVER have had a computer object > associated with them in AD? (even if it has now been deleted) No,

Re: [Freeipa-users] FreeIPA and AD trusts on the same DNS domain

2016-08-03 Thread Alston, David
eated in FreeIPA? --David Alston -Original Message- From: Simo Sorce [mailto:s...@redhat.com] Sent: Wednesday, August 03, 2016 1:28 PM To: Alston, David Cc: freeipa-users@redhat.com Subject: Re: [Freeipa-users] FreeIPA and AD trusts on the same DNS domain On Wed, 2016-08-03 at 13:24

Re: [Freeipa-users] FreeIPA and AD trusts on the same DNS domain

2016-08-03 Thread Simo Sorce
On Wed, 2016-08-03 at 13:24 -0500, Alston, David wrote: > Greetings! > > Everyone seems to say that you can't have a domain trust across two > Kerberos realms (FreeIPA and Active Directory) if the hosts share the same > DNS domain. > > Hadoop seems to do this just fine, though. I'm i

[Freeipa-users] FreeIPA and AD trusts on the same DNS domain

2016-08-03 Thread Alston, David
Greetings! Everyone seems to say that you can't have a domain trust across two Kerberos realms (FreeIPA and Active Directory) if the hosts share the same DNS domain. Hadoop seems to do this just fine, though. I'm in the process of helping someone setup a trust between the Kerberos r