Greetings! Password changes will use Kerberos port 464. Is Nginx forwarding port 464 to whatever domain controllers are managing the users who want to change their password?
--David Alston From: doug.kelly--- via FreeIPA-users [mailto:email@example.com] Sent: Monday, September 11, 2017 10:16 AM To: firstname.lastname@example.org Cc: doug.ke...@wipro.com Subject: [Freeipa-users] Nginx in front of IPA? Hi, We have an "interesting" set up here and ultimately it means that some of our users are on a network that can't access the domain that the IPA servers are on so can't reset their passwords. However, they do have access to a domain that we can proxy requests through to get to IPA. Through googling a bit I saw people mention changing 'xmlrpc_uri' in /etc/ipa/default.conf along with some proxy settings for nginx but couldn't really see anything "official". Has anyone successfully put nginx in front of a cluster of IPA servers? Is there any documentation to detail the steps involved? Thanks, Doug Wipro Limited (Company Regn No in UK FC 019088) Address: Level 2, West wing, 3 Sheldon Square, London W2 6PS, United Kingdom. Tel +44 20 7432 8500 Fax: +44 20 7286 5703 VAT Number: 563 1964 27 (Branch of Wipro Limited (Incorporated in India at Bangalore with limited liability vide Reg no L99999KA1945PLC02800 with Registrar of Companies at Bangalore, India. Authorized share capital Rs 5550 mn)) Please do not print this email unless it is absolutely necessary. The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com<http://www.wipro.com> ______________________________________________________________________ This email has been scanned by the Symantec Email Security.cloud service. For more information please visit http://www.symanteccloud.com ______________________________________________________________________
_______________________________________________ FreeIPA-users mailing list -- email@example.com To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org