[Freeipa-users] freeipa behind a load balancer
Brendan Kearney
bpk678 at gmail.com
Tue Mar 31 17:49:21 UTC 2015
On Tue, 2015-03-31 at 19:36 +0200, Matt . wrote:
> OK, but as I say, without the loadbalancer, same domain it works.
>
All the more reason to capture the session and review it in wireshark.
> My IPA server also sees the client name and ptr as I do nat.
>
> So you create a keytab for your host you are doing the commands from ?
all of my hosts get a host principal and have it put
in /etc/krb5.keytab. i run kadmin to generate them. freeipa likely has
utilities for this, but am not sure what they are.
> I was using a user keytab and run my commands as that user, that works
> to ipa-01
>
> It's getting something more clear.
More information about the Freeipa-users
mailing list