On Wed, Sep 03, 2014 at 04:25:00PM +0200, Martin Kosek wrote:
> On 09/03/2014 03:41 PM, Jan Cholasta wrote:
> > "ldap_uri" is set only on servers, on clients you should use "server" (we
> > should probably un-deprecate it). You could use "host" as a fallback, but it
> > will only work on servers, as it points to the local host. IMO the right 
> > order
> > is "server", then "ldap_uri", then maybe "host".
> 
> BTW what happens when original server that the client enrolled with no longer
> exist and was replaced by some other server with other FQDN. Will certmonger
> fail in this case or will it fall back and do DNS SRV record to find
> alternative server like "ipa" command does?

It doesn't currently, but that certainly sounds like a reasonable thing
to ask for in a trac ticket or bugzilla.

Cheers,

Nalin

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to