[Freeipa-users] How does one authenticate Windows login against IPA
John Meyers
john+freeipa at themeyers.us
Wed May 18 21:19:10 UTC 2016
All,
FreeIPA as we've discovered has some wonderful Windows integration
capability, but it is all predicated on Windows AD being the
authoritative source of user information. 2-Way trusts are great, but
they only work for kerberotized applications, not native Windows rights
(that would require FreeIPA to act as global catalog as I learned from
Alexander). The winsync capability does not, as it turns out, sync
native IPA users to AD.
The million dollar question is if you are 90% Linux shop and FreeIPA is
your authoritative user repository (AD is a blank slate), how do you
perform local Windows login authentication for the 10% of Windows
machines against FreeIPA?
Thank you all!
John
More information about the Freeipa-users
mailing list