[Freeipa-devel] [PATCH] 256 Make ipa 2.2 client capable of joining an older server
Martin Kosek
mkosek at redhat.com
Wed May 2 13:47:59 UTC 2012
Testing instructions included in the ticket.
---
IPA server of version 2.2 and higher supports Kerberos S4U2Proxy
delegation, i.e. ipa command no longer forwards Kerberos TGT to the
server during authentication. However, when IPA client of version
2.2 and higher tries to join an older IPA server, the installer
crashes because the pre-2.2 server expects the TGT to be forwarded.
This patch adds a fallback to ipa-client-install which would detect
this situation and tries connecting with TGT forwarding enabled
again.
https://fedorahosted.org/freeipa/ticket/2697
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mkosek-256-ipa-client-install-delegate.patch
Type: text/x-patch
Size: 2970 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20120502/ac6fc7d1/attachment.bin>
More information about the Freeipa-devel
mailing list