Damola Azeez via FreeIPA-users wrote:
I'm Unable to login with the IPA users i created and mapped to
the windows server. Whenever i attempt to login, I'm greeted with a message saying the
user has no right to login because it is not in the Remote desktop group. I can confirm
that the users are in the remote desktop group on windows server.
Link to the image that describes the situation
(
https://www.linkpicture.com/q/Screenshot_1_257.png)
Version/Release/Distribution
=======================
ipa-server-4.9.6-10.0.1.module+el8.5.0+20451+6c55862e.x86_64
ipa-client-4.9.6-10.0.1.module+el8.5.0+20451+6c55862e.x86_64
389-ds-base-1.4.3.23-14.module+el8.5.0+20517+748852bc.x86_64
pki-ca-10.11.2-4.0.1.module+el8.5.0+20486+8c04dafa.noarch
krb5-server-1.18.2-14.el8.x86_64
The ability for IPA users to access Windows resources is not complete
yet. IPA lacks a Global Catalog for AD to look up user information. So
currently an AD trust allows Windows users to access Linux resources,
but not the other way around.
Tremendous work has been done to add a GC but it's a huge effort and not
yet complete. There is no ETA.
rob