Thank you Lee and Jens!
I've been testing your suggestions and I'll start deploying the changes
next week.
On Thu, Jun 15, 2017 at 6:03 AM, Jens Timmerman via FreeIPA-users <
freeipa-users(a)lists.fedorahosted.org> wrote:
Hi,
On 14/06/2017 18:02, Jason Sherrill via FreeIPA-users wrote:
Hello All,
I have recently submitted a How/To
<
https://www.freeipa.org/page/HowTo/Setup_FreeIPA_Services_for_Mac_OS_X_10... for
FreeIPA. I'd very much appreciate any feedback or editing on it- I don't
want to link to it without a review. Thanks!
I used /etc/krb5.conf instead of /Library/Preferences/edu.mit.Kerberos
which also seemed to work,
but I noticed the MacOS client doesn't fall back to tcp, so if udp is
blocked in your network you need to specify
[realms]
EXAMPLE.COM = {
kdc =
tcp/ipa-server.example.com
admin_server =
tcp/ipa-server.example.com
}
to get kinit and changing of an expired password to work (using kinit,
haven't configured my accounts as system accounts yet)
--
*Jason Sherrill*
Deeplocal Inc. <
http://deeplocal.com/>
mobile: 412-636-2073 <%28412%29%20636-2073>
office: 412-362-0201 <%28412%29%20362-0201>
Regards,
Jens Timmerman
_______________________________________________
FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
--
*Jason Sherrill*
Deeplocal Inc. <
http://deeplocal.com/>
mobile: 412-636-2073 <(412)%20636-2073>
office: 412-362-0201 <(412)%20362-0201>