JR Aquino wrote:
On Apr 8, 2011, at 8:03 AM, Rob Crittenden wrote:
On Apr 8, 2011, at 7:24 AM, "Rob Crittenden"<rcrit...@redhat.com> wrote:
ipa-nis-manage was failing because root has very limited capabilities when
binding over ldapi because of autobind. So don't use ldapi.
Also force this to be run as root since we start/stop and configure/unconfigure
services.
ticket 1157
rob
<freeipa-rcrit-767-nis.patch>
JR Aquino wrote:
Does this imply the use of ldap with tls now or just standard ldap?
There was a previous ticket that changed this and many other tools such that
they used ldapi to accommodate FreeIPA with a minssf set.
It uses 389, no TLS.
rob
Is there a way to solve both problems?
#1 Autobind limits root -> ldapi
#2 IPA Tools should not fail when 389ds:dse.ldif has minssf set?
-Fixed the top posting. sorry about that.-
Maybe, I also want to apply an appropriate level of effort. In reality
this command is going to be run 1 or 2 times in the lifetime of an IPA
server.
rob
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
