The main task we see in front of us as a next step after finishing the IPA v2 development work is allowing IPA and AD to coexist in natural and trusted way in the customer environment. This page is dedicated to tracking this effort.


For IPA to become integrated and trusted by AD, IPA needs to be able to pretend as if it is an AD domain controller. This can be accomplished by integrating Samba 4 and IPA. The two components need to be able to operate on the same data and share the KDC. The following page gives deeper into the drivers and high level architecture of the proposed solution: “IPA and AD” integration.


System Integration#

Backend Synchronization#

Kerberos Integration#

The Kerberos integration effort is tracked here:

New DNS Interface#