On Tue, 2012-12-18 at 05:24 +0000, Johan Petersson wrote:
> Unfortunately i still get the same error from the Appliance even after having
> added both host and nfs principals in the IPA web interface.
> "failed to create principal 'host/zfs1.home@HOME': libkadm5clnt error:
> 43787522 (Operation requires ``add'' privilege)"
> I get the impression that the Appliance does not recognize existing
> principals since i still get the same create principal error.
> So it seems that it does not cope with pre existing principals, at least not
> from IPA Server.
> I will contact Oracle about this issue and see what they say.
Is there any support for using this appliance in an Active Directory
domain ? It is possible that they have alternative instructions there.
IIRC AD also does not allow you to create principals via the kadmin
interface. However they may have tied the 'AD option; if any in knots so
that it also doesn't work with anything but a real AD.
IT would be nice to hear how Oracle justifies requiring high credentials
on an appliance otherwise.
Simo Sorce * Red Hat, Inc * New York
Freeipa-users mailing list