[Freeipa-users] IPA 3 client and IPA 4 server
Dmitri Pal
dpal at redhat.com
Sat Aug 23 19:26:19 UTC 2014
On 08/23/2014 08:03 PM, Kat wrote:
> Hi,
>
> Wondering about mixed configs and using features from the server such
> as OTP. Has anyone done this with a v3 client? I know it is mostly
> sssd, but wondering if there might be any gotchas.
>
> Thanks
>
It depends how you want to use it.
If your client is LDAP any clients should work but be sure to use SSL
when you bind.
SSSD will try to use kerberos. There have been some glitches reported
with SSSD in kerberos mode trying to do OTP. So far I recall some
failures if UDP is configured for kerberos so the it should be turned
off in the krb5.conf on the client. And then there are issues with the
password change if you use OTPs managed by IPA (but not external ones).
But other than that 1.11 SSSD on top of F20+ and RHEL/CentOS 7 should work.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
More information about the Freeipa-users
mailing list