On Wed, 2010-05-12 at 14:19 +0200, Tomas Mraz wrote:
On Wed, 2010-05-12 at 08:01 +0200, Stjepan Gros wrote:
> And I have three remarks on the whole process (maybe I should fill bug
> reports?):
>
> 1. When I select FreeIPA in authconfig and then mark checkbox 'Use DNS
> to locate KDC for realms' wouldn't it be good that the fields KDCs and
> 'Admin servers' are grayed out? As I understand in that case those are
> found via DNS? And also, this info (both option to use DNS and specific
> KDC entry) is filled into krb5.conf while it seems to me it is
> redundand?
I don't think that saving the concrete KDC entries can harm anything.
But you're right that authconfig should disable the text entry if the
DNS checkbox is enabled. Please file an enhancement request.
> 2. When selecting Local authentication after FreeIPA, and then Apply,
> error is reported on the console because authconfig tries to start sssd
> which doesn't have configuration file any more. Also, sssd should be
> disabled during boot process in that case, or any case where it is not
> used.
This is leftover from your configuration with the old authconfig. It is
hard to fix and not break other possible configurations people might
have. Just use 'authconfig --disablesssd --disablesssdauth --update'.
I'll try again to see what exactly happens and under which conditions
before filling any bug reports.
SG