[Freeipa-users] blocking LDAP from DCs

[Baird, Josh]

I believe that this is no longer needed (you do NOT need to block LDAP from domain controllers).

Josh

-----Original Message-----
From: freeipa-users-bounces at redhat.com [mailto:freeipa-users-bounces at redhat.com] On Behalf Of Andy Thompson
Sent: Friday, April 10, 2015 8:27 AM
To: freeipa-users at redhat.com
Subject: [Freeipa-users] blocking LDAP from DCs

I am testing out trusts in my sandbox and the ipa-adtrust-install script notes at the end that LDAP should be blocked from the domain controllers.  But http://www.freeipa.org/page/Active_Directory_trust_setup  notes that it's not needed.

Which recommendation is correct?

Thanks

-andy



*** This communication may contain privileged and/or confidential information. It is intended solely for the use of the addressee. If you are not the intended recipient, you are strictly prohibited from disclosing, copying, distributing or using any of this information. If you received this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy. ***


-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project