On Wed, Sep 03, 2014 at 04:25:00PM +0200, Martin Kosek wrote: > On 09/03/2014 03:41 PM, Jan Cholasta wrote: > > "ldap_uri" is set only on servers, on clients you should use "server" (we > > should probably un-deprecate it). You could use "host" as a fallback, but it > > will only work on servers, as it points to the local host. IMO the right > > order > > is "server", then "ldap_uri", then maybe "host". > > BTW what happens when original server that the client enrolled with no longer > exist and was replaced by some other server with other FQDN. Will certmonger > fail in this case or will it fall back and do DNS SRV record to find > alternative server like "ipa" command does?
It doesn't currently, but that certainly sounds like a reasonable thing to ask for in a trac ticket or bugzilla. Cheers, Nalin _______________________________________________ Freeipa-devel mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-devel