[Freeipa-users] FreeIPA v 2.2 in an AD environment

Steven Jones Steven.Jones at vuw.ac.nz
Tue Nov 6 00:35:09 UTC 2012 

Hi,

Yes.....In hindsight its pretty obvious when you have a new product connecting to another complex product in a "foreign way" in a enterprise / complex environment that some shake-out is going to happen.  I guess I didnt know what I didnt know and I got accelerated in deploying IPA faster and further than I'd said was what I wanted....hence some Dragons...(quite like that)....

The only issue Ive had really is the speed of solving, not the solving....but RH support has definitely stepped up to the plate and is now significantly better, huge learning curve.

Hopefully my successors will have that benefit.

regards

Steven Jones

Technical Specialist - Linux RHCE

Victoria University, Wellington, NZ

0064 4 463 6272

________________________________________
From: freeipa-users-bounces at redhat.com [freeipa-users-bounces at redhat.com] on behalf of Dmitri Pal [dpal at redhat.com]
Sent: Tuesday, 6 November 2012 12:55 p.m.
To: freeipa-users at redhat.com
Subject: Re: [Freeipa-users] FreeIPA v 2.2 in an AD environment

On 11/05/2012 02:01 PM, Steven Jones wrote:
> corner case?
>
> as in not very standard?
>
> In which case, yes I suppose so. AD is a very complex thing and you can customise it it seems.  As a Linux person wandering into such a thing as a non-standard AD and not knowing this its a bit of a minefield.....but of course you dont know you are in one! so dont know what to ask....experience the hard way.  Dragons, yes my armour is definately a bit runny....

Steven, let me put this way: you were unlucky to be the first to produce
the configuration we never seen before (AD sync is a part of DS for
ages). Things evolve on the AD side and we are not the first to know or
experience new changes and configurations that AD adds. AD in fact big
and complex. I am sorry about what you have been through but we
unfortunately did not anticipate the scenarios and configuration that
you presented. For us they were the corner cases at the moment. Now they
are not since you hit them, we learned the details of those issues and
addressed them.

> regards
>
> Steven Jones
>
> Technical Specialist - Linux RHCE
>
> Victoria University, Wellington, NZ
>
> 0064 4 463 6272
>
> 8><----------
>
>> Sync: available starting the beginning of the IPA life. It has some
>> limitations and we indeed had some issues with the corner cases that
>> Steve's environment has. They are not common but you have been warned
>> anyways.
> 8><-----------
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users


--
Thank you,
Dmitri Pal

Sr. Engineering Manager for IdM portfolio
Red Hat Inc.


-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/



_______________________________________________
Freeipa-users mailing list
Freeipa-users at redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

More information about the Freeipa-users mailing list