[Freeipa-devel] Solaris 10 x86 client
Christian Horn
chorn at fluxcoil.net
Thu Jan 10 12:54:52 UTC 2008
On Tue, Jan 08, 2008 at 11:33:41PM -0500, Rob Crittenden wrote:
>
> 1. Solaris 10 x86 (at least) doesn't support the key type aes256-cts. By
> commenting this out in the IPA kdc.conf I was able to generate a usable
> keytab. If this was there I got all sorts of errors. What is the impact,
> if any, if we drop this. Or is there some other workaround? I tried
> pulling just one enctype into the keytab, perhaps more than 1 is needed.
Should be provided by the 'Solaris 10 Data Encryption Kit':
"The Solaris 10 Data Encryption Kit provides AES 256-bit and
448-bit Blowfish Cryptographic encryption algorithms for use on Solaris 10
SPARC and x86".
> 2. We need to add shadowAccount to the default list of user objectclasses
IBM aix and hp-ux defaults on using ldap-directories could also be exotic,
in case they are also in focus.
Christian
More information about the Freeipa-devel
mailing list