On Fri, May 22, 2015 at 3:14 PM, Martin Basti wrote:
> On 22/05/15 18:05, Johnny Tan wrote:
>
> Our servers run CentOS-6.6 and ipa-server-3.0.0-42.el6.centos.x86_64
>
> Our CentOS clients (also 6.6) join the domain seamlessly.
>
> Our Ubuntu 14.04 LTS clients, however,
Our servers run CentOS-6.6 and ipa-server-3.0.0-42.el6.centos.x86_64
Our CentOS clients (also 6.6) join the domain seamlessly.
Our Ubuntu 14.04 LTS clients, however, don't seem to be able to
auto-discover domain, realm, or IPA servers:
```
dpkg -l | grep freeipa
ii freeipa-client
On Fri, Mar 13, 2015 at 4:44 PM, Rob Crittenden wrote:
> The CA-less install was improved in IPA 3.3. It can sorta work in 3.0
> but it will be bumpy. A number of bugs were fixed in
> ipa-server-certinstall, the tool used to replace the IPA certs with
> user-provided certs. Or you can pass in PKC
On Fri, Mar 13, 2015 at 2:15 PM, Dmitri Pal wrote:
> Rob would definitely know more but IPA mostly provides certs for the
> infra it serves and has a limited use of the certs by itself.
> So here is where I know it is used:
> - You can issue certs for hosts and services and installer used to cre
On Wed, Mar 4, 2015 at 5:56 PM, Dmitri Pal wrote:
> IPA does not use certs for communication between the instances. It uses
> Kerberos. I am not sure the DoDaddy cert you added is even used in some way
> by IPA.
>
Dmitri or Rob:
Could you explain what the various uses of the IPA certs are, then