On 08.11.19 11:08, Alexander Bokovoy via FreeIPA-users wrote:
[...]
> Are these assumptions true:
> - ipaA became a trust controller by issuing the "ipa trust-add" command
> - ipaB will have to be configured as trust agent
Correct. By running ipa-adtrust-install --add-agents on ipaA, you can
add ipaB to the set of trust agents.
Thank you very much. Now I have a working setup.
Just two remaining questions...
1)
If I wanted another server to be a trust controller I would run
"ipa-adtrust-install" on that server?
2)
In order to add all remaining IPA servers as a trust agent I could run
"ipa-adtrust-install --add-agents" on any trust controller in my setup?
Cheers,
Ronald