FreeIPA design documentation#
- One-way trust with shared secret
- Support domain controller for Samba file server as domain member on IPA client
- Support Samba file server as a domain member on IPA client
- Manage FreeIPA as a user from a trusted Active Directory domain
- Include users and groups from a trusted Active Directory domain into SUDO rules
- ID Range: new option for private groups
- Policies by authentication indicators
- Extdom plugin protocol
- Expiring Password Notifications
- LDAP Grace Period
- PasswordExpired control
- Password quality using libpwquality
- Member Manager for group membership
- Hidden replicas
- Disable Stale Users
- Central management of subordinate user and group ids
- FreeIPA and an external identity provider integration
- IPA and an external identity provider integration - idp objects
- IPA client enrollment with PKINIT
- FreeIPA Pull Request CI (PR-CI) checker tool