[Freeipa-devel] [Freeipa-users] FreeIPA AD Trust improvements, Fedora 19 Test Day, July 25th
Aly Khimji
aly.khimji at gmail.com
Sat Jul 20 03:51:02 UTC 2013
Wow.. These sound like some amazing additions and enhancements, great
work! keep up the good job guys!
Aly
On Jul 19, 2013 5:57 PM, "Dmitri Pal" <dpal at redhat.com> wrote:
> Hello,
>
> The FreeIPA team is happy to welcome you to a Fedora Test Day that is
> being held on Thursday, July 25th.
>
> We would like to invite you to take part in testing of the upcoming
> FreeIPA 3.3
> release containing 2 major improvements for easier deployment of FreeIPA
> Active
> Directory Trust feature to existing environments:
>
> 1) Use POSIX attributes defined in Active Directory [1]
>
> With previous FreeIPA releases, users coming from Active Directory to
> FreeIPA
> managed machines were always assigned POSIX attributes (UID and GID) by
> algorithmic mapping.
>
> However, in some deployments, Active Directory users and groups already
> have
> defined custom POSIX attribute values (UID and GID), which may then be
> leveraged on Linux machines via other 3rd party Active Directory
> integration
> solutions. Administrator may choose to keep the values to not disrupt file
> ownerships.
>
> With FreeIPA 3.3, FreeIPA Active Directory Trust may be configured to use
> these
> attributes when Active Directory user authenticates to Linux machines.
>
>
> 2) Expose POSIX data on legacy systems without recent SSSD
>
> Administrators may have a deployment of machines which cannot use the
> recent
> SSSD with Active Directory Trust support but would still like to be able to
> authenticate with Active Directory user to these machines. This may affect
> for
> example older Linux machines, UNIX machines.
>
> With FreeIPA 3.3, Administrator may configure a compatibility LDAP tree
> which
> will contain identities of the Active Directory users to the legacy
> systems.
> These systems may then leverage standard LDAP authentication in this tree
> allowing selected Active Directory users to authenticate.
>
>
> To read more about the Test Day and suggested tests, see the following
> link:
>
>
> https://fedoraproject.org/wiki/Test_Day:2013-07-25_AD_trusts_with_POSIX_attributes_in_AD_and_support_for_old_clients
>
> Thank you for your help and participation!
>
> The FreeIPA team
>
> [1] http://www.freeipa.org/page/V3/Use_posix_attributes_defined_in_AD
> [2] http://www.freeipa.org/page/V3/Serving_legacy_clients_for_trusts
>
> [IdM | IPA] FAQs: https://url.corp.redhat.com/idm-faq
> Identity Management SME Team on Docspace
> https://url.corp.redhat.com/sme-idm
> Search the archives: post-office.corp.redhat.com/mailman/listinfo/idm-tech
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20130719/2d8ddfa2/attachment.htm>
More information about the Freeipa-devel
mailing list