[Freeipa-users] IPA Client join

Rob Crittenden rcritten at redhat.com
Thu Mar 31 18:46:27 UTC 2011 

Roland Kaeser wrote:
> Hello
>
>> Will there be an update to the ipa-client package in RHEL 6.0, or do we have to wait for RHEL 6.1?

The next update will be in 6.1. I can probably cobble together a srpm 
that would work on 6.0 until 6.1 is released if you'd like.

>
> So which is the software stack to use for my pilot and the later production environment?
> I wouldn't like to use Fedora in company production environments. I would be really prefer to use RHEL6/6.1
> I also checked the latest avialable fedora 15 version. I only can find a alpha version iso from february, 28.
>
> I would really like to have a software stack which works with freeipa (client/server) and afs-server.

Yeah, this is a bit of a grey area right now. IPA does a lot of cat 
herding and keeping all the various versions of the packages we require 
in sync is very tedious.

For a pilot I think you'd be fine using Fedora 14 though I would 
recommend doing some amount of re-testing in F-15 once it is released. 
We've done 80% of our development in F-14 and it works very well. The 
dogtag project built F-14 packages for us as a favor. They don't want to 
support deployments of it because they've done zero testing of their own 
on F-14. You'd need to build the packages yourself though, we haven't 
pushed this to F-14 because of the dogtag issue. mock should be able to 
build it fairly painlessly.

What I've done for my F-15 installations is to install F-14 and then 
upgrade to Fedora-15 from there. It has been fairly painless. The GA IPA 
release is in the stable repo of F-15 now.

regards

rob

>
>
> ----- Ursprüngliche Mail -----
> Von: "Sigbjorn Lie"<sigbjorn at nixtra.com>
> An: "Rob Crittenden"<rcritten at redhat.com>
> CC: "Roland Käser"<roland.kaeser at intersoft-networks.ch>, freeipa-users at redhat.com
> Gesendet: Donnerstag, 31. März 2011 16:14:34
> Betreff: Re: [Freeipa-users] IPA Client join
>
>>
>> In rc2 we had to make a change to the OID used for some operations
>> because they were duplicated. The OID for the ipa-getkeytab operation was one of them, so older
>> clients don't work with newer servers. IIRC the EL6 ipa-client was based on the alpha 3 release.
>>
>> I attached a patch that gives the general idea of what needs to change.
>> It was originally for the EL 5 branch but it may work with few changes
>> in EL6.
>>
>
> Will there be an update to the ipa-client package in RHEL 6.0, or do we have to wait for RHEL 6.1?
>
>
> Rgds,
> Siggi
>
>
>

More information about the Freeipa-users mailing list