[SSSD-users] Re: SSSD: Cross Forest AD Trust with sssd-ad provider

2017-06-13 Thread Jakub Hrozek
On Tue, Jun 13, 2017 at 02:07:02PM +0100, Tony Barganski wrote: > H Jakub Hrozek > > I also have a use case for this. My situation is that we are building out > Linux Server environments in AWS cloud for SAP clients and want a way to have > centralised accounts for our engineers and allow

[SSSD-users] Re: SSSD: Cross Forest AD Trust with sssd-ad provider

2017-06-13 Thread Tony Barganski
H Jakub Hrozek I also have a use case for this. My situation is that we are building out Linux Server environments in AWS cloud for SAP clients and want a way to have centralised accounts for our engineers and allow customers to login with their Microsoft AD user accounts. I’ve been able to

[SSSD-users] Re: SSSD: Cross Forest AD Trust with sssd-ad provider

2016-03-01 Thread Simo Sorce
On Wed, 2016-03-02 at 01:20 +1100, PARTH MONGA wrote: > Hi Jakub, > > Thanks for the prompt reply. > I understood that cross forest transitive trust is not possible with sssd > right now. > But can we make this realistic by introducing freeipa with sssd? > I've checked there documentation seems

[SSSD-users] Re: SSSD: Cross Forest AD Trust with sssd-ad provider

2016-03-01 Thread PARTH MONGA
Without creating direct separate trust agreement there is no way out ? So its like freeipa and sssd stands on same page here. Both of them learns trust relationships within a forest. :( On Wed, Mar 2, 2016 at 1:30 AM, Jakub Hrozek wrote: > On Wed, Mar 02, 2016 at 01:20:24AM

[SSSD-users] Re: SSSD: Cross Forest AD Trust with sssd-ad provider

2016-03-01 Thread Jakub Hrozek
On Wed, Mar 02, 2016 at 01:20:24AM +1100, PARTH MONGA wrote: > Hi Jakub, > > Thanks for the prompt reply. > I understood that cross forest transitive trust is not possible with sssd > right now. > But can we make this realistic by introducing freeipa with sssd? > I've checked there documentation

[SSSD-users] Re: SSSD: Cross Forest AD Trust with sssd-ad provider

2016-02-29 Thread Jakub Hrozek
On Tue, Mar 01, 2016 at 12:10:30AM -, kpr...@gmail.com wrote: > Hi List, > > I am using sssd-1.13 to authenticate my linux clients against Active > Directory. > Got this working too. > > Now we have an incoming one way trust from another domain. > So here is the scenario: > > > AD1: