On Wed, Sep 03, 2014 at 04:25:00PM +0200, Martin Kosek wrote:
> On 09/03/2014 03:41 PM, Jan Cholasta wrote:
> > "ldap_uri" is set only on servers, on clients you should use "server" (we
> > should probably un-deprecate it). You could use "host" as a fallback, but it
> > will only work on servers, as it points to the local host. IMO the right
> > order
> > is "server", then "ldap_uri", then maybe "host".
> BTW what happens when original server that the client enrolled with no longer
> exist and was replaced by some other server with other FQDN. Will certmonger
> fail in this case or will it fall back and do DNS SRV record to find
> alternative server like "ipa" command does?
It doesn't currently, but that certainly sounds like a reasonable thing
to ask for in a trac ticket or bugzilla.
Freeipa-devel mailing list