Hi 8><--------
What you need is some knowledge of LDAP, and to work with your vendors to figure out how they should be configured to work with IPA. 8><------- Funny but I thought a goal of IPA was to make this easier....so you dont need such depth of knowledge..... Like I keep saying its a translation process so you can start to understand it.....Im having huge problems with it... which is a worry because if I have problems the other admins are probably going to fail. I have tried to self-educate myself but Im not getting far at it. "Vendors" in NZ just import in a box, its a function of our small population, few have any depth of knowledge....a few have happily admitted to me that if we buy the hardware they will get some training....until then they are as clueless as we are. 8><------- BTW, for a proxy appliance I believe you want Kerberos authentication to provide single sign on, and use LDAP merely to do the authorization. 8><------ I suspected that but, no where in Bluecoat can I see anything to do kerberos to a kerberos server, so i suspect it wont work as single sign on, so I maybe wasting my time. regards Steven Jones Technical Specialist - Linux RHCE Victoria University, Wellington, NZ 0064 4 463 6272 _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users