These pages describes just how to setup and configure cross-forest trust between an IPA domain and an advertisement (Active Directory) domain.

These pages describes just how to setup and configure cross-forest trust between an IPA domain and an advertisement (Active Directory) domain.

Articles

  • 1 Description
  • 2 Prerequisites
    • 2.1 IPv6 stack usage
    • 2.2 Trusts and Windows Server 2003 R2
  • 3 Assumptions
  • 4 Install and configure IPA server
    • 4.1 make certain all packages are as much as date
    • 4.2 Install needed packages
    • 4.3 Configure host title
    • 4.4 Install IPA host
    • 4.5 Login as admin
    • 4.6 Make sure IPA users can be found to your system solutions
    • 4.7 Configure IPA host for cross-forest trusts
  • 5 Cross-forest trust list
    • 5.1 Date/time settings
    • 5.2 Firewall setup
      • 5.2.1 On AD DC
      • 5.2.2 On IPA host
        • 5.2.2.1 Firewalld
        • 5.2.2.2 iptables
    • 5.3 DNS setup
      • 5.3.1 Conditional DNS forwarders
      • 5.3.2 If AD is subdomain of IPA
      • 5.3.3 If IPA is subdomain of advertising
      • 5.3.4 Verify DNS setup
  • 6 Establish and trust that is verify cross-forest
    • 6.1 trust that is add advertising domain
      • 6.1.1 When AD administrator qualifications can be obtained
      • 6.1.2 Whenever advertisement administrator qualifications are not available
    • 6.2 Edit /etc/krb5.
Read More