小龙 陈 wrote:
Hi fellow FreeIPA users!
I just got my FreeIPA set up perfectly and I was wondering if it's possible to
set it up in the other OS in a dual boot configuration. Since I'm still on the
same computer (therefore, the same MAC address), ipa-client-install fails
saying that I'm already joined to the domain.
Is there anything I can do allow the dual booted OS to join? Do I need to
change my network configuration?
It isn't enforcing it on a MAC level, but a hostname level.
It should be possible though I'm not sure it's a great idea to do so.
You'd have effectively two machines claiming to be one.
I haven't tried this procedure, but I suspect this will work.
I'll refer to the different boot states as A and B.
1. Configure A as an ipa client
2. Boot to B
3. On the IPA server run: ipa host-disable A
4. Configure B as an ipa client
5. Copy the host keytab on B from /etc/krb5.conf to the same location on A
6. Boot to A to confirm it works
There is also the matter of the SSL certificate for A and B. It is not
currently being used, so it should be safe to stop tracking it on one or
both of them:
# ipa-getcert list
# ipa-getcert stop-tracking -i <request_id>
From a support standpoint you'll likely be much better off having
separate hostnames for your different boot images.
Freeipa-users mailing list