小龙 陈 wrote:
Hi fellow FreeIPA users!

I just got my FreeIPA set up perfectly and I was wondering if it's possible to 
set it up in the other OS in a dual boot configuration. Since I'm still on the 
same computer (therefore, the same MAC address), ipa-client-install fails 
saying that I'm already joined to the domain.

Is there anything I can do allow the dual booted OS to join? Do I need to 
change my network configuration?

It isn't enforcing it on a MAC level, but a hostname level.

It should be possible though I'm not sure it's a great idea to do so. You'd have effectively two machines claiming to be one.

I haven't tried this procedure, but I suspect this will work.

I'll refer to the different boot states as A and B.

1. Configure A as an ipa client
2. Boot to B
3. On the IPA server run: ipa host-disable A
4. Configure B as an ipa client
5. Copy the host keytab on B from /etc/krb5.conf to the same location on A
6. Boot to A to confirm it works

There is also the matter of the SSL certificate for A and B. It is not currently being used, so it should be safe to stop tracking it on one or both of them:

# ipa-getcert list
# ipa-getcert stop-tracking -i <request_id>

From a support standpoint you'll likely be much better off having separate hostnames for your different boot images.

rob

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to