[Freeipa-devel] [PATCH] Add kerberos mapping for clients outside the IPA domain
Lars Sjöström
lars at radicore.se
Fri Oct 21 11:57:47 UTC 2011
Excellent! Thanks guys! Still a chance that this can be backported
into rhel6.2 release?
Best regards,
Lars
2011/10/21 Alexander Bokovoy <abokovoy at redhat.com>:
> On Fri, 21 Oct 2011, Martin Kosek wrote:
>> On Thu, 2011-10-20 at 10:26 +0200, Lars Sjöström wrote:
>> > Proposed patch for bug https://fedorahosted.org/freeipa/ticket/2006
>> thank you for your investigation of the problem and the patch!
>>
>> I had to refactor the patch a little, your patch updated just the
>> temporary krb5.conf, not the one put permanently to /etc/krb5.conf.
>>
>> I also moved DNS update before the certmonger is being configured.
>> Otherwise certmonger may fail because the client does not have proper
>> DNS record.
>>
>> Patch attached.
> ACK. It took me a while but hostname is ensured to be FQDN by the
> point we do that dangerous hostname[where is the dot+1:] operation. :)
>
> --
> / Alexander Bokovoy
>
--
Lars Sjöström
Senior Consultant / Owner
Radicore AB
Mobile: +46 (0)703 021502
Email: lars at radicore.se
Web: http://www.radicore.se
More information about the Freeipa-devel
mailing list