Tomas Babej wrote:

Connection error message in ipa-client-install now warns the user
about the need of opening 389 port for directory server.

I think this can be pushed as a one-liner.

I think we should list all ports that are required for client enrollment.

From my calculations we need at a minimum tcp ports 80 and 389, either or both udp/tcp for port 88 and if NTP is enabled 123 udp for enrollment alone. The NTP failure won't cause enrollment to fail though, so we may be able to skip that.

Similarly 464 should be enabled but we don't use it during enrollment.


Freeipa-devel mailing list

Reply via email to