On 07/30/2013 05:52 PM, Alexander Bokovoy wrote: > On Tue, 30 Jul 2013, Dmitri Pal wrote: >> On 07/30/2013 08:17 AM, Matt . wrote: >>> Hi Dimitri, >>> >>> It's a good tuturial but I'm kinda stuck (and new to that part) >>> >>> What we seem to need is: >>> >>> A -> B -> C -> D >>> A= user(running one) B= Webserver C=IPAserver D= LDAP on IPAserver >>> >>> I thought we didn't need the C -> D part because this is what IPA >>> does. We actually need the A -> B -> C part exectured from a php >>> script to add a user with user_add. >>> >>> More details about that are welcome. >> >> You use the article but instead of accessing LDAP directly you need to >> access ipa web sever because you will be running IPA commands and not >> LDAP queries. >> So you instead of using |ldap/ipa.example.com| principal as outlined in >> the article you configure aquision of tickets for |http/ipa.example.com|. >> Makes sense? > Yes and Matt actually solved his problem on IRC and now is happily deploying > his servers. :) > > I'll extend the article to cover the case when you need to talk to both > LDAP and IPA server XML-RPC/JSON API. > > Ideally we need to introduce some commands to manage delegations between > services. An RFE ticket for CLI? >
Already filed :-) https://fedorahosted.org/freeipa/ticket/3644 Contributions are very welcome. Martin _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
