May be specified multiple times to add multiple servers to ipa_server value in nf. server= SERVER Set the IPA server to connect to. Options Basic Options -domain= DOMAIN Set the domain name to DOMAIN hostname option may be used to specify a static hostname that persists over reboot. If the machine hostname changes for exampleĭue to a dynamic hostname assignment by a DHCP server, client enrollment to IPA server breaks and user then would not be able to perform Kerberos If this principal does not exist then unenrollment will fail and anĪdministrator will need to disable the host principal (ipa host-disable ).Ĭlient must use a static hostname. The machine principal in is used to authenticate to the IPA server to unenroll itself. Unenrollment consists of disabling the prinicipal key on the IPA server so that it may be re-enrolled. Part of this process is to unenroll the host from the ![]() This same tool is used to unconfigure IPA and attempts to return the machine to its previous state. This can take the form of a kerberos principal or a one-time password associated with the Switching Service) to work with an IPA server over Kerberos and LDAP.Īn authorized user is required to join a client machine to IPA. ![]() Optionally one can instead configure PAM and NSS (Name ![]() Configures a client machine to use IPA for authentication and identity services.īy default this configures SSSD to connect to an IPA server for authentication and authorization.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |