Winfried de Heiden via FreeIPA-users wrote:
There's a nice litle article on
http://www.freeipa.org/page/V3/Multitenancy:
/Multi-tenancy is an aspect of Identity Management (IdM) where multiple parties use
the same resource without learn any information about each other. The example is two
rival companies who both operate servers hosted in a public cloud. Neither company
should be aware of the existance of the other users presence in the web using, and
they definitely should not be able to enumerate either the users or the hosts of the
other company due to information leaks inside the cloud services. /
The article is rather old and Multitenancy seems not possible in FreeIPA 4.x.
Is there any progress on this, future plans? Multitenancy for IPA should be a very nice
feature!
Are you really asking for strict multi-tenancy as described above where the tenants even
don't know about the existence of each other?
If yes, what's wrong with running multiple FreeIPA instances with own domain/realm
name?
The hard part is to let tenant users/admins cooperate/merge partially. But that's not
the
definition mentioned above.
Ciao, Michael.