I have a situation I am having a hard time getting a clean answer on.
I have a IDM/IPA domain setup and I have a trust setup with my Windows domain. That part is working perfectly.
I have a one way forest transitive trust (outgoing) with a second windows domain. I want users in this second domain to be able to authenticate to my IDM/IPA domain. I was hoping that this would be possible through my transitive trust with my primary windows domain.
When I issue the command ipa trust-fetch-domains for my primary domain I get the response no new domains found. The second domain is never found.
Here is my question. Is this even possible without creating a trust with the second domain directly? The documentation states that IPA will traverse all trusts and add them. However I am starting to believe that reference is for domains in only one forest. Can anyone clear up that point for me?
Thanks