Hi, On Mon, Sep 1, 2025 at 9:44 PM Oebele Drijfhout via FreeIPA-users < [email protected]> wrote:
> Hello, > > I'm in the process of setting up a one-way trust from FreeIPA to an AD > domain and I'm wondering if it's possible to force FreeIPA to connect to a > subset of the AD domain controllers. The reason: the AD domain's DNS > returns all DCs in various SRV and A records, but only some of them are > reachable due to firewall policies. Unfortunately I'm not able to properly > test this in a test environment (all servers are in the same test subnet), > hence my post. > > So, there are around 10 DCs in this domain, two of these are in the same > subnet as the FreeIPA replicas. Can I somehow force the replicas to connect > only to these DCs? > Does this guide help? https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/7/html/windows_integration_guide/restricting-ipa-or-sssd-to-selected-ad-servers-or-sites flo > > Thanks and kind regards, > -- > _______________________________________________ > FreeIPA-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue >
-- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
