[Freeipa-users] Using already running dogtag-instance possible?
Martin Nagy
mnagy at redhat.com
Mon Apr 19 13:16:06 UTC 2010
On Fri, 2010-04-16 at 09:43 -0400, Rob Crittenden wrote:
> Oliver Burtchen wrote:
> > Hi Dmitri,
> > b)
> > Using „ipa-server-install --setup-dns“, the SOA Records in DNS are wrong.
> >
> > There are missing trailing dots for server-name und email, at reverse-zone
> > also in the zone-name. To look at this, just use dig and dig -x on domain,
> > changing it directly in ldap corrects it..
> >
> > Should be easy to fix in ipaserver/install/bindinstance.py
>
> Martin, can you look into this? I filed
> https://bugzilla.redhat.com/show_bug.cgi?id=583023
I just posted a patch, thanks for reporting this:
https://www.redhat.com/archives/freeipa-devel/2010-April/msg00045.html
> > d)
> > Email for zone-manager in bind-setup should be asked/customizeable
> > (root at domain.name is IMHO not a good choice). Maybe this option/answer should
> > also be used as „o=IPA,e=manager at domain.name“ in base-subject for certificates,
> > when –subject is not set by user.
>
> We do something similar when installing dogtag. We set -admin_email to
> root at localhost.
>
> I filed https://bugzilla.redhat.com/show_bug.cgi?id=583027
Not still sure about this one, it'd probably be a good idea, we'll see..
Martin
More information about the Freeipa-users
mailing list