[Freeipa-users] Problem installing client on server
Simo Sorce
simo at redhat.com
Fri Nov 4 16:27:13 UTC 2011
On Fri, 2011-11-04 at 17:07 +0100, tomasz.napierala at allegro.pl wrote:
> On 4 lis 2011, at 16:57, Simo Sorce wrote:
>
> > Not necessarily related to your problem, but in general I would
> strongly
> > suggest all freeipa users to:
> >
> > a) use domain names that are longer than a single component
> > (for example in your case 'ipa.dc2' instead of just 'dc2')
> >
> > b) let the kerberos realm exactly match the domain name.
> > (In your case let it be 'IPA.DC2')
> >
> > We do not enforce these rules but not following them can cause you
> > additional headaches in some cases.
>
>
> I know that from 1.x deployment. Unfortunately adding another domain
> would completely destroy our infrastructure management tools ;)
>
You seem to be in one of those corner cases for which we decided to not
enforce those rule programmatically ...
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-users
mailing list