[Freeipa-users] hesitate to deploy freeipa
Lukas Slebodnik
lslebodn at redhat.com
Fri Jun 26 10:55:23 UTC 2015
On (26/06/15 12:48), Petr Spacek wrote:
>On 26.6.2015 12:18, Lukas Slebodnik wrote:
>> On (26/06/15 01:29), Prasun Gera wrote:
>>> I've found that if you are setting up a new environment from scratch which
>>> is mostly going to involve RHEL/Fedora systems, and that you have full
>>> control over your network including DNS, DHCP etc., it should mostly be
>>> smooth sailing. However, if you already have a network of old and new
>>> machines running different versions and flavours of unix, there is
>>> significantly more work involved. That is, there is significant complexity
>>> on client side code as well which should not be discounted. Do a survey of
>>> the state of client side support on different distributions. From my
>>> experience, Ubuntu 12.04 is iffy. There's also an open ticket pushed to
>> ipa-client-install is not properly ported to ubuntu 12.04 and
>> moreover there is quite there quite old version of sssd 1.11.5-1
>> which contains may bugs. Lots of them are fixed in upstream 1.11.7
>> and some of them in 1.11.8 which we would like to release in few weeks.
>> so If you hit bugs on ubuntu 12.04 please try latest upstream version (1.11)
>> or file bugs to ubuntu.
>>
>>> 'future' on FreeNAS, which is BSD based. IMO this is one of the major
>>> hurdles for wider adoption.
>>>
>> FreeNAS is based on FreeBSD and ipa-client-install is not available there.
>> The only benefit is newer version of sssd (1.11.7) than in ubuntu 12.04.
>> There was also thread here(freeipa-users) with document describing steps
>> for configuration on FreeBSD.
>
>More importantly, ipa-client-install is just a thin configuration tool. If
>ipa-client-install is not available on your platform you can configure
>everything manually and it will work (as long as the client is
>standard-compliant).
>
>I.e. the client side is *in the worst case* (without ipa-client-install)
>equally hard to setup as for any home-made solution.
>
There is a ticket[1] for description of steps done by ipa-client-install.
One use-case is "containers world" and another is to help others to manually
configure machine against FreeIPA. It is planned fo FreeIPA 4.2 release
So I hope it will be finished on time.
LS
[1] https://fedorahosted.org/freeipa/ticket/4993
More information about the Freeipa-users
mailing list