H Jakub Hrozek
I also have a use case for this. My situation is that we are building out Linux Server
environments in AWS cloud for SAP clients and want a way to have centralised accounts for
our engineers and allow customers to login with their Microsoft AD user accounts.
I’ve been able to get this to work with the Linux Servers (CentOS 7) connected to our IPA
Domain with a one-way trust relationship between our IPA Domain and the customers AD
forest however, IPA is another set of infrastructure that we would rather do without and
use our existing Microsoft AD domain with a one-way trust from customer to us.
This doesn’t seem to work when the Linux Server is a member of our Microsoft AD domain.
On Tue, Mar 01, 2016 at 12:10:30AM -0000,
kprprl(a)gmail.com wrote:
…
<
https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahoste...
"Not supported at the moment short of joining the client to the two forests and
defining two [domain] sections.”
Q1. How can I join the client to two forests and define two [domain] sections?
On Tue, Mar 01, 2016 at 12:10:30AM -0000,
kprprl(a)gmail.com wrote:
“...It's planned but we're not there yet…”
Q2. Any news on when this feature may be implemented on your Road Map?
Best Regards,
Tony Barganski