On pe, 13 touko 2022, Damola Azeez via FreeIPA-users wrote:
Hi Sumit,
Yes, Same domain.
So you have unsupported configuration which is clearly described in RHEL
IdM documentation as well as at
https://www.freeipa.org/page/Deployment_Recommendations:
--------------------------------------------------------------------
Domain
FreeIPA should always have own primary domain, e.g.
example.com or
ipa.example.com which should not be shared with other Kerberos based
identity management system as otherwise there will be collisions on
Kerberos system level.
--------------------------------------------------------------------
This is a fundamental requirement.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland