[Freeipa-users] Re: AD trust external group in the foreman
On ke, 25 maalis 2020, Natxo Asenjo via FreeIPA-users wrote:
hi,
the foreman can not authenticate using external authentication using the
api endpoints, apparently, which is a bit of a bummer.
It can do ldap, though, so the question is:
can I authenticate AD users using the compat tree in Idm? (rhel 7.7 by the
way).
Yes, if two conditions hold:
- the entry in compat tree is first looked up
- that entry DN is used for a bind DN
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland