<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 03/29/2015 11:50 AM, Gokul wrote:<br>
</div>
<blockquote
cite="mid:CANBf4hfHngc69aLJZPmyXM89_V8Kk-QAUrqK_b71k-BrqrDycQ@mail.gmail.com"
type="cite">
<div dir="ltr">Hi,
<div><br>
</div>
<div>I am tried to run some of my user cases with FreeIPA.</div>
<div><br>
</div>
<div>Have FreeIPA to do only SSH key management in LDAP and PKI
management.</div>
<div><br>
</div>
<div>The understand that every request is kerberized and it has
the DNS is must configuration.</div>
<div><br>
</div>
<div>Can I have FreeIPA to run only SSH Key management with LDAP
and a PKI server with dogtag?</div>
<div><br>
</div>
<div>Thank you</div>
<div>Gokul</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
</blockquote>
You can't turn off Kerberos. You would need Kerberos for
administration.<br>
But other clients can take advantage of LDAP and SSH only.<br>
However you are significantly limiting your functionality and
capabilities.<br>
Kerberos is really the key of the solution.<br>
<br>
What is the reason you try to avoid using it?<br>
<br>
<br>
<pre class="moz-signature" cols="72">--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.</pre>
</body>
</html>