Just a note...on compatibility....yes I know IPA isnt fit yet but.......

If your POC environment is Vmware based F14 isnt supported for vmtools and you 
cant install vmware tools either it barfs at kernel detection, not good. 

So, if I want to do freeIPA I have to run F14 on RHEL6.0 as KVMs and connect to 
VMWare ESXi with ethernet cables....then I have to have RHEL6 on real hardware 
as well running virtual box so I can run a virtualised copy of my Sun 7410 
array (NB  you cant run virtual box on rhel6 with kvm at the same time) and 
there is no vmware or kvm image for the sun array software and I have to make 
this all work.....its goddam painful....you should see my desk.....a spider 
would feel happy....


It will be really nice when there are some binary IPA rpms for RHEL 6.x, trying 
to / accidently restricting stuff just hurts.  



From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on 
behalf of Rob Crittenden [rcrit...@redhat.com]
Sent: Friday, 1 April 2011 7:46 a.m.
To: Roland Käser
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] IPA Client join

Roland Kaeser wrote:
> Hello
>> Will there be an update to the ipa-client package in RHEL 6.0, or do we have 
>> to wait for RHEL 6.1?

The next update will be in 6.1. I can probably cobble together a srpm
that would work on 6.0 until 6.1 is released if you'd like.

> So which is the software stack to use for my pilot and the later production 
> environment?
> I wouldn't like to use Fedora in company production environments. I would be 
> really prefer to use RHEL6/6.1
> I also checked the latest avialable fedora 15 version. I only can find a 
> alpha version iso from february, 28.
> I would really like to have a software stack which works with freeipa 
> (client/server) and afs-server.

Yeah, this is a bit of a grey area right now. IPA does a lot of cat
herding and keeping all the various versions of the packages we require
in sync is very tedious.

For a pilot I think you'd be fine using Fedora 14 though I would
recommend doing some amount of re-testing in F-15 once it is released.
We've done 80% of our development in F-14 and it works very well. The
dogtag project built F-14 packages for us as a favor. They don't want to
support deployments of it because they've done zero testing of their own
on F-14. You'd need to build the packages yourself though, we haven't
pushed this to F-14 because of the dogtag issue. mock should be able to
build it fairly painlessly.

What I've done for my F-15 installations is to install F-14 and then
upgrade to Fedora-15 from there. It has been fairly painless. The GA IPA
release is in the stable repo of F-15 now.



> ----- Ursprüngliche Mail -----
> Von: "Sigbjorn Lie"<sigbj...@nixtra.com>
> An: "Rob Crittenden"<rcrit...@redhat.com>
> CC: "Roland Käser"<roland.kae...@intersoft-networks.ch>, 
> freeipa-users@redhat.com
> Gesendet: Donnerstag, 31. März 2011 16:14:34
> Betreff: Re: [Freeipa-users] IPA Client join
>> In rc2 we had to make a change to the OID used for some operations
>> because they were duplicated. The OID for the ipa-getkeytab operation was 
>> one of them, so older
>> clients don't work with newer servers. IIRC the EL6 ipa-client was based on 
>> the alpha 3 release.
>> I attached a patch that gives the general idea of what needs to change.
>> It was originally for the EL 5 branch but it may work with few changes
>> in EL6.
> Will there be an update to the ipa-client package in RHEL 6.0, or do we have 
> to wait for RHEL 6.1?
> Rgds,
> Siggi

Freeipa-users mailing list

Freeipa-users mailing list

Reply via email to