Hi, I'm going to transfer data between two Hadoop clusters kerberizd/joined to separate freeIPAs using distcp. The distcp command or any tool requires to authenticate to both freeIPAs (grant permission to read from one server and write to other). My priority is to make the least possible changes to source cluster/freeIPA which is in production, so I tried to setup trusted real between these but failed, it seems that trusted realm is only possible (or documented) between AD and freeIPA. Is it possible to setup trusted Realm between two freeIPAs(and if yes how to)? What are the other options to do the job with less impact on source freeIPA? Also making freeIPAs to be replica for each other is not a good option for me, because i need to separate them later.
Thanks in advance
On Срд, 14 лют 2024, Farshad Allahdadi via FreeIPA-users wrote:
Hi, I'm going to transfer data between two Hadoop clusters kerberizd/joined to separate freeIPAs using distcp. The distcp command or any tool requires to authenticate to both freeIPAs (grant permission to read from one server and write to other). My priority is to make the least possible changes to source cluster/freeIPA which is in production, so I tried to setup trusted real between these but failed, it seems that trusted realm is only possible (or documented) between AD and freeIPA. Is it possible to setup trusted Realm between two freeIPAs(and if yes how to)? What are the other options to do the job with less impact on source freeIPA? Also making freeIPAs to be replica for each other is not a good option for me, because i need to separate them later.
IPA-IPA trust is currently not supported.
freeipa-users@lists.fedorahosted.org