Hello François, team

Thanks for the feedback.

What I want or want is to deploy replica IPA servers in each zone, so that this replication is not complete.

The goal is to manage exclusively and independently of each zone, the users auth. / dns / certificates, in short the local authentications to this zone.

I found, on the freeipa.org site, the command:
ipa toplogysuffix-add

But this command does not exist on my version of IPA server 4.6.5.
Is this a plugin that I need to install? Can you orient me?

Would this command be used to create another suffix on my master IPA server?

Thank you for your feedback.

Regards

Bien à vous

Mr Karim Bourenane

Le mer. 16 déc. 2020 à 08:39, François Cami <fcami@redhat.com> a écrit :

Hi,

No, this is not possible.
What you seem to want to achieve will be best served when the FreeIPA to FreeIPA domain trust is available.
This is not the case today.

François

On Tue, Dec 15, 2020 at 6:07 PM Karim Bourenane via FreeIPA-users <freeipa-users@lists.fedorahosted.org> wrote:
Hello Team

I have a special question, about a partial replication branch domain LDAP into a FreeIPA v. 4.6.2 on Centos 7.7.1908.

I want to deploy several FreeIPA into several network zones.

Its possible to only replicate a branch of data, to manage only an ipa client / dns / certificat to this zone ?

I want to segment data replication for security reasons.

Perhaps I took my project in a bad way ?

Regards / Bien à vous
Mr Karim Bourenane

_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org