Re: [Freeipa-devel] [PATCH] 216 Add client hostname requirements to man

[Rob Crittenden]

Martin Kosek wrote:

Changing a client hostname after ipa-client-install would break
the enrollment on IPA server. Update relevant man pages to contain
such information.

https://fedorahosted.org/freeipa/ticket/1967


ACK

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 216 Add client hostname requirements to man

[Martin Kosek]

On Mon, 2012-02-27 at 11:40 -0500, Rob Crittenden wrote:
 Martin Kosek wrote:
  Changing a client hostname after ipa-client-install would break
  the enrollment on IPA server. Update relevant man pages to contain
  such information.
 
  https://fedorahosted.org/freeipa/ticket/1967
 
 ACK

Pushed to master, ipa-2-2.

Martin

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

[Freeipa-devel] [PATCH] 216 Add client hostname requirements to man

[Martin Kosek]

Changing a client hostname after ipa-client-install would break
the enrollment on IPA server. Update relevant man pages to contain
such information.

https://fedorahosted.org/freeipa/ticket/1967

From 4eea201400bb619891886fde135d49202ba02007 Mon Sep 17 00:00:00 2001
From: Martin Kosek mko...@redhat.com
Date: Mon, 20 Feb 2012 15:24:21 +0100
Subject: [PATCH] Add client hostname requirements to man

Changing a client hostname after ipa-client-install would break
the enrollment on IPA server. Update relevant man pages to contain
such information.

https://fedorahosted.org/freeipa/ticket/1967
---
 ipa-client/man/ipa-client-install.1 |7 ++-
 1 files changed, 6 insertions(+), 1 deletions(-)

diff --git a/ipa-client/man/ipa-client-install.1 b/ipa-client/man/ipa-client-install.1
index 96b019bd91bfdcad09d512c77f6f8a9fdd565f61..07b0089b626c5527f23157881abfef45cc37d961 100644
--- a/ipa-client/man/ipa-client-install.1
+++ b/ipa-client/man/ipa-client-install.1
@@ -30,6 +30,11 @@ An authorized user is required to join a client machine to IPA. This can take th
 
 This same tool is used to unconfigure IPA and attemps to return the machine to its previous state. Part of this process is to unenroll the host from the IPA server. Unenrollment consists of disabling the prinicipal key on the IPA server so that it may be re\-enrolled. The machine principal in /etc/krb5.keytab (host/fqdn@REALM) is used to authenticate to the IPA server to unenroll itself. If this principal does not exist then unenrollment will fail and an administrator will need to disable the host principal (ipa host\-disable fqdn).
 
+.SS HOSTNAME REQUIREMENTS
+Client must use a \fBstatic hostname\fR. If the machine hostname changes for example due to a dynamic hostname assignment by a DHCP server, client enrollment to IPA server breaks and user then would not be able to perform Kerberos authentication.
+
+--hostname option may be used to specify a static hostname that is set in machine system configuration and persist over reboot.
+
 .SH OPTIONS
 .SS BASIC OPTIONS
 .TP
@@ -55,7 +60,7 @@ Prompt for the password for joining a machine to the IPA realm.
 Configure PAM to create a users home directory if it does not exist.
 .TP
 \fB\-\-hostname\fR
-The hostname of this server (FQDN). If specified, the hostname will be set and the system configuration will be updated to persist over reboot. By default a nodename result from uname(2) is used.
+The hostname of this machine (FQDN). If specified, the hostname will be set and the system configuration will be updated to persist over reboot. By default a nodename result from uname(2) is used.
 .TP
 \fB\-\-ntp\-server\fR=\fINTP_SERVER\fR
 Configure ntpd to use this NTP server.
-- 
1.7.7.6

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel