On 08/23/2014 08:03 PM, Kat wrote:

Wondering about mixed configs and using features from the server such as OTP. Has anyone done this with a v3 client? I know it is mostly sssd, but wondering if there might be any gotchas.


It depends how you want to use it.
If your client is LDAP any clients should work but be sure to use SSL when you bind. SSSD will try to use kerberos. There have been some glitches reported with SSSD in kerberos mode trying to do OTP. So far I recall some failures if UDP is configured for kerberos so the it should be turned off in the krb5.conf on the client. And then there are issues with the password change if you use OTPs managed by IPA (but not external ones). But other than that 1.11 SSSD on top of F20+ and RHEL/CentOS 7 should work.

Thank you,
Dmitri Pal

Sr. Engineering Manager IdM portfolio
Red Hat, Inc.

Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project

Reply via email to