#3924 ipa-server-install should warn that trusts to AD will not be possilbe if realm and domain name do not match
Closed: Fixed None Opened 10 years ago by sbose.

AD implicitly assumes that the DNS domain name and the realm of a trusted domain are the same. IPA can be configured so that the domain name and the realm are different. Since neither of them can be changed after the installation there should be a warning during the installation that trusts to AD are not possible if both names do not match (different cases are allowed of course).


Would they be possible if I install another IPA replica in the domain that matches IPA realm? Would that be a workaround?

Closing as dup of #3923.

Dmitri, I posted exactly the same question there, let's continue the discussion there.

I created the two tickets intentionally because two different tools (ipa-server-install and ipa trust-add) should be modified in different ways (print a warning and stop processing).

Re-opning based on Sumit's comment.

Metadata Update from @sbose:
- Issue assigned to tbabej
- Issue set to the milestone: FreeIPA 3.3.x - 2013/09 (bug fixing)

7 years ago

Login to comment on this ticket.

Metadata