[Freeipa-devel] [freeipa PR#666][comment] Fix anonymous principal handling in replica install
stlaz
freeipa-github-notification at redhat.com
Wed Mar 29 13:24:30 UTC 2017
URL: https://github.com/freeipa/freeipa/pull/666
Title: #666: Fix anonymous principal handling in replica install
stlaz commented:
"""
I actually did the review of https://github.com/freeipa/freeipa/pull/631 alongside this.
I do not think the order of adding the anonymous principal and setting up PKINIT matters that much. From what I saw in Kerberos guides, it's usually actually done after PKINIT setup since until then, the anonymous principal is pretty much unusable.
The problem was rather the testing of anonymous pkinit before the anonymous principal was added, that is just plainly weird and I'm glad that that's now fixed.
ACK since this fixes the issues mentioned in comments.
"""
See the full comment at https://github.com/freeipa/freeipa/pull/666#issuecomment-290088490
More information about the Freeipa-devel
mailing list