On 07/30/2013 05:52 PM, Alexander Bokovoy wrote:
> On Tue, 30 Jul 2013, Dmitri Pal wrote:
>> On 07/30/2013 08:17 AM, Matt . wrote:
>>> Hi Dimitri,
>>> It's a good tuturial but I'm kinda stuck (and new to that part)
>>> What we seem to need is:
>>> A -> B -> C -> D
>>> A= user(running one) B= Webserver C=IPAserver D= LDAP on IPAserver
>>> I thought we didn't need the C -> D part because this is what IPA
>>> does. We actually need the A -> B -> C part exectured from a php
>>> script to add a user with user_add.
>>> More details about that are welcome.
>> You use the article but instead of accessing LDAP directly you need to
>> access ipa web sever because you will be running IPA commands and not
>> LDAP queries.
>> So you instead of using |ldap/ipa.example.com| principal as outlined in
>> the article you configure aquision of tickets for |http/ipa.example.com|.
>> Makes sense?
> Yes and Matt actually solved his problem on IRC and now is happily deploying
> his servers. :)
> I'll extend the article to cover the case when you need to talk to both
> LDAP and IPA server XML-RPC/JSON API.
> Ideally we need to introduce some commands to manage delegations between
> services. An RFE ticket for CLI?
Already filed :-)
Contributions are very welcome.
Freeipa-users mailing list