> I would like to use FreeIPA to manage Linux VDI machines, but VMware is > Active Directory-centric, and it's Horizon Connection Server creates > machine objects on AD that the VM's join to when created - and these > objects are deleted automatically when the corresponding VM ceases to > exist. > > I wonder if would be possible to simply join the machine to FreeIPA but > to an object that exists on AD, so that AD could delete it when the VM > ceases to exist.
Perhaps you want what Red Hat calls 'direct integration' of sssd (on your VM) to AD? https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/integrating_rhel_systems_directly_with_windows_active_directory/index In which case you don't use FreeIPA at all. (Out of interest, how does VMWare send credentials into the VM so it can join the domain?) -- Sam Morris <https://robots.org.uk/> PGP: rsa4096/CAAA AA1A CA69 A83A 892B 1855 D20B 4202 5CDA 27B9 _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
