[Test-Announce] FreeIPA AD Trust improvement Test Day tomorrow, 2013-07-25

dan.mashal at gmail.com dan.mashal at gmail.com
Thu Jul 25 03:23:17 UTC 2013


Hi Adam,

I apologize if I missed this in your email but Is there a link for Windows Administrators as to what versions of AD (2000,2003,200877,2012)  are supported and their caveats?
Sent from my Verizon Wireless BlackBerry

-----Original Message-----
From: Adam Williamson <awilliam at redhat.com>
Sender: devel-bounces at lists.fedoraproject.org
Date: Wed, 24 Jul 2013 15:59:47 
To: <test-announce at lists.fedoraproject.org>
Reply-To: test at lists.fedoraproject.org,
	Development discussions related to Fedora
	<devel at lists.fedoraproject.org>
Subject: [Test-Announce] FreeIPA AD Trust improvement Test Day tomorrow,
	2013-07-25

Hello,

The FreeIPA team is happy to welcome you to a Fedora Test Day that is
being held on Thursday, July 25th.

We would like to invite you to take part in testing of the upcoming FreeIPA 3.3
release containing 2 major improvements for easier deployment of FreeIPA Active
Directory Trust feature to existing environments:

1) Use POSIX attributes defined in Active Directory [1]

With previous FreeIPA releases, users coming from Active Directory to FreeIPA
managed machines were always assigned POSIX attributes (UID and GID) by
algorithmic mapping.

However, in some deployments, Active Directory users and groups already have
defined custom POSIX attribute values (UID and GID), which may then be
leveraged on Linux machines via other 3rd party Active Directory integration
solutions. Administrator may choose to keep the values to not disrupt file
ownerships.

With FreeIPA 3.3, FreeIPA Active Directory Trust may be configured to use these
attributes when Active Directory user authenticates to Linux machines.


2) Expose POSIX data on legacy systems without recent SSSD

Administrators may have a deployment of machines which cannot use the recent
SSSD with Active Directory Trust support but would still like to be able to
authenticate with Active Directory user to these machines. This may affect for
example older Linux machines, UNIX machines.

With FreeIPA 3.3, Administrator may configure a compatibility LDAP tree which
will contain identities of the Active Directory users to the legacy systems.
These systems may then leverage standard LDAP authentication in this tree
allowing selected Active Directory users to authenticate.


To read more about the Test Day and suggested tests, see the following link:

https://fedoraproject.org/wiki/Test_Day:2013-07-25_AD_trusts_with_POSIX_attributes_in_AD_and_support_for_old_clients

Thank you for your help and participation!

The FreeIPA team

[1] http://www.freeipa.org/page/V3/Use_posix_attributes_defined_in_AD
[2] http://www.freeipa.org/page/V3/Serving_legacy_clients_for_trusts
-- 
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora
http://www.happyassassin.net

_______________________________________________
test-announce mailing list
test-announce at lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/test-announce
-- 
devel mailing list
devel at lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel


More information about the devel mailing list