[Freeipa-users] user unable to change password after admin resets pw
Rob Crittenden
rcritten at redhat.com
Fri Feb 17 14:48:24 UTC 2012
Kelvin Edmison wrote:
> It turns out I had missed the UDP ports for kerberos (88) and kpasswd (464)
> in the firewall configuration.
>
> I had the TCP ports open, just not the UDP ones. I missed the fine print
> that said these two ports had to be open via both TCP and UDP. I think this
> constitutes a vote of support for
> https://fedorahosted.org/freeipa/ticket/2110 :)
>
> While on the topic of firewall configuration, why are the list of ports
> different in bug 2110 versus the Red Hat IPA documentation
> http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_M
> anagement_Guide/Preparing_for_an_IPA_Installation.html ?
>
> Bug 2110 appears to skip all the dogtag ports, even though the RedHat IPA
> document says that they 'cannot be in use by another service or blocked by a
> firewall'.
dogtag is now proxied behind the Apache web server so ports 9xxx no
longer need to be open.
I'll get the docs updated.
rob
More information about the Freeipa-users
mailing list