Hi, Is it possible to enrol a host using `ipa-client-install` behind a TLS proxy?
I need to enrol hosts that can only reach `my.proxy.host:443` due to networking constraints. I see there is MS-KKDCP for kinit, kpasswd etc. We don't have much need for Kerberos ATM and are mainly using user, group lookups along with SSH pubkeys and Sudo rules. I'm assuming that at the very least we are using 389/636 for the above lookups? Then you would at least have to proxy your LDAPS? I have not done a `tcpdump` yet to ascertain what ports are in use. Thank you. _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
