[Freeipa-users] Access to IPA Web-UI with different domain names
David Kupka
dkupka at redhat.com
Mon Apr 27 16:55:14 UTC 2015
On 04/27/2015 06:06 PM, David Dimovski wrote:
> Hi Folks,
> does somebody have a best practice, how to access the IPA Web-UI with
> different domain names?
>
> Example:
> Our IPA 4.1 have two different IPs (extern and intern) with two domain
> names. The web gui is only accessible from the domain name, which IPA was
> registered with (intern domain name). When trying to access with the
> extern domain name, IPA is rewriting to the intern domain name.
>
> After disabling the rewriting, the web ui is accessible from the two
> domain names, but the login is not possible from the extern domain name
> (only intern domain name), getting the following error:
> Logout session expired.
>
> Does sombody has a idea or a clue?
>
> Many thanks in advance!
>
> Best regards
> David
>
>
>
>
Hello!
IIUC this is not something FreeIPA supports. When you deploy FreeInPA
server it is tied to a domain specified during installation.
I think you need to decide whether your FreeIPA domain is internal or
external.
If it's internal it is inaccessible from outside and you need to first
connect to the internal network (e.g. use VPN) and then connect to
FreeIPA server.
If it's external then everything works as expected.
--
David Kupka
More information about the Freeipa-users
mailing list