[Freeipa-users] FreeIPA and FQDN requirements
Simo Sorce
simo at redhat.com
Fri Aug 8 20:44:58 UTC 2014
On Fri, 2014-08-08 at 17:03 -0300, Bruno Henrique Barbosa wrote:
> Hi everyone,
>
> I know this is such a rich debate, and I mean no offense to you guys,
> but can you focus answering my main question about FreeIPA and why
> can't I install/use it without FQDN and/or even after install it with
> FQDN, will I have trouble going back to the short name?
>
> Thank you and sorry!
You should be able to set back a short hostname provided you check that
in /etc/sssd/sssd.conf you set ipa_hostname to the fully qualified name
in the appropriate domain section.
This will insure sssd (and therefor login) works.
SSHD may not like GSSAPI authentication unless you fool it by a hack in
libkrb5 setting ignore_acceptor_hostname true in krb5.conf in the
[libdefaults] section.
Most stuff should work this way, but cannot vouch for all kerberized
servers you may deploy on such a machine.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-users
mailing list