On Fri, 11 Nov 2011, Simo Sorce wrote: > > Should installer schedule running ipa-client-install and enroll the > > machine? Many options can be re-used from the installer itself > > (hostname is known at this point, as well as how network was > > configured), so there is handful of things to discover. > > Hostname in many cases will probably be wrong (left to default > localhost.localdomain) so we should detect if the host name is in the > same domain as the ipa server and ask if the user wouldn't want to > change is (suggesting the 'right' one). We would have to refuse to > proceed if the hostname is localhost.localdomain or any combination > where the host part is localhost and the domain part is localdomain. Indeed -- what I was more about is getting hints from previous stages of installer like "DHCP is enabled and hostname is left default => need to ask to set precise name and whether to enable Dynamic DNS update", etc.
> > Though I would get discovery part of the ipa-client-install reused > > here -- like finding out kerberos setup via DNS and if that fails, > > show UI to enter all additional details, then schedule > > actual enrollment. > > The other problem here is that you may not have admin credentials. > We will need to support using an enrollment password as well as just > skip the join but otherwise configure the rest to work, and tell the > user to call the admin to complete the join later (or maybe just skip it > altogether). Yes. OTP, or admin credentials, or "postpone". -- / Alexander Bokovoy _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
