On Tue, 2011-03-29 at 13:20 -0400, Rob Crittenden wrote:
> If a one-time password is set when a host is created the
> krbPrincipalName is not created. It will be added when the client
> enrolls with the password.
> This means that the host can't enroll with an admin user because we
> don't allow writing krbPrincipalName. This adds an exception that it can
> be written when it is blank.
> ticket 1075
Both IPA server upgrade and then OTP-free client enrollment went fine.
Freeipa-devel mailing list