On 10.2.2016 09:18, Alexander Bokovoy wrote: > On Wed, 10 Feb 2016, Jérôme Fenal wrote: >> Hi all, >> >> Installing an IPA instance with domain/realm as a TLD, in my case >> "internal", works fine. >> >> Until I try to add a user within the domain, using the web interface, >> which fails with the following error: >> >> IPA Error 3009: ValidationError >> >> invalid 'email': invalid e-mail format: jf@internal >> >> The same error happens using "ipa user-add" when the >> --email=m...@redhat.com is not specified. >> >> Can we overcome/circumvent this error in the UI? >> >> Or should we recommend against using TLD or one domain component domains? > See > https://www.redhat.com/archives/freeipa-users/2015-August/msg00078.html > for inspiration.
Hold on! Use of made-up domains in inherently broken and recommended against by official documentation: Please see https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/prerequisites.html#dns-reqs and also https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/sec-Securing_DNS_Traffic_with_DNSSEC.html#sec-Recommended_Naming_Practices Long story short, do not use anything else than a domain you actually bought. -- Petr^2 Spacek -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project