Dmitri Pal wrote:
Why make them fail?True, it isn't ideal but all users fail the first time in the browser as it is. There isn't a stable way to pre-configure the browser currently. It either involves directly modifying files in the firefox rpm which will both cause rpm verification issues and be lost when an upgrade is done. Or we have to run something on the client to fix their browser profile when we run ipa-client-install and this will only affect existing profiles (and won't take effect until any running browser is restarted).This should be filed as an RFE with FF.
This would be handled by the bug below.
There is a browser bug filed so one can configure a directory of additional settings to be read as sort of a global configuration cache. Once this is available we can write to one spot and pre-configure kerberos settings.Can you point me to it?
Yes but beginning with FF 3.5 they have to go through a 2-step process where they accept the CA, add an exception etc.
Why it causes hair-on-fire?
The message is not configurable, it just says that something is trying to modify your user preferences.
Description: S/MIME Cryptographic Signature
_______________________________________________ Freeipa-devel mailing list Freeipaemail@example.com https://www.redhat.com/mailman/listinfo/freeipa-devel