Bug 1185854

Summary: [RFE] Support trust with other FreeIPA realm
Product: Red Hat Enterprise Linux 9 Reporter: Martin Kosek <mkosek>
Component: ipaAssignee: Florence Blanc-Renaud <frenaud>
Status: NEW --- QA Contact: ipa-qe <ipa-qe>
Severity: unspecified Docs Contact:
Priority: medium    
Version: unspecifiedCC: abokovoy, alex.wang, apeddire, atolani, baptiste.agasse, bzehrfuc, commodorekappa+redhat, cparadka, dconsoli, dgross, ekeck, ipa-maint, Isabel.hernanz, jfont, ldelouw, mpanaous, mreinke, mrichter, msauton, mtenheuv, nsuryawa, pasik, pvoborni, rcritten, rrubins, seldridg, sgadekar, sigbjorn.lie, tbiggs, tomek, tscherf, wdh
Target Milestone: betaKeywords: FutureFeature, Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Martin Kosek 2015-01-26 12:55:33 UTC 
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/freeipa/ticket/4867

FreeIPA supports [http://www.freeipa.org/page/Trusts trusts with AD] (mostly in AD -> IPA direction, the other direction will be ready when #3125 is closed).

When the full AD trust is ready, the implemented interface shall be also used to create trust with other FreeIPA DCs.
Comment 3 Luc de Louw 2016-06-28 18:05:50 UTC 
It would also be great to be able to only trust a subset of users of another domain. I.e. a group of users.