The documentation on this is pretty good. Basically, you can ’trust’ AD from FreeIPA,
which means the users from AD can be used in IPA. Groups too. Passwords must be set and
reset in AD, but everything you need for Linux (SSH keys, host rules etc) can be done in
IPA.
https://www.freeipa.org/page/Active_Directory_trust_setup
On 7 Mar 2019, at 18:34, Kristian Petersen via FreeIPA-users
<freeipa-users(a)lists.fedorahosted.org> wrote:
Hello,
Where I work we are a small shop. We are currently using just FreeIPA for authentication
and DNS and other Linux management stuff that it does for us. We have enough Windows
workstations now that it would be really nice to be able to manage those like we can our
Linux stuff. From what I have read thus far, it seems that if you use FreeIPA with AD AD
is the primary user store and FreeIPA kind of takes a back seat. I am looking for some
help in better understanding the implications of using FreeIPA along with AD. Is there
someone who could help me unravel this a bit or point me at some good resources?
--
Kristian Petersen
System Administrator
BYU Dept. of Chemistry and Biochemistry
_______________________________________________
FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://getfedora.org/code-of-conduct.html
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedoraho...