[Freeipa-users] IPA Client join

Thu Mar 31 23:21:03 UTC 2011

Hi,

Just a note...on compatibility....yes I know IPA isnt fit yet but.......

If your POC environment is Vmware based F14 isnt supported for vmtools and you cant install vmware tools either it barfs at kernel detection, not good. 

So, if I want to do freeIPA I have to run F14 on RHEL6.0 as KVMs and connect to VMWare ESXi with ethernet cables....then I have to have RHEL6 on real hardware as well running virtual box so I can run a virtualised copy of my Sun 7410 array (NB  you cant run virtual box on rhel6 with kvm at the same time) and there is no vmware or kvm image for the sun array software and I have to make this all work.....its goddam painful....you should see my desk.....a spider would feel happy....

:/

It will be really nice when there are some binary IPA rpms for RHEL 6.x, trying to / accidently restricting stuff just hurts.  

:(

regards

Steven
________________________________________
From: freeipa-users-bounces at redhat.com [freeipa-users-bounces at redhat.com] on behalf of Rob Crittenden [rcritten at redhat.com]
Sent: Friday, 1 April 2011 7:46 a.m.
To: Roland Käser
Cc: freeipa-users at redhat.com
Subject: Re: [Freeipa-users] IPA Client join

Roland Kaeser wrote:
> Hello
>
>> Will there be an update to the ipa-client package in RHEL 6.0, or do we have to wait for RHEL 6.1?

The next update will be in 6.1. I can probably cobble together a srpm
that would work on 6.0 until 6.1 is released if you'd like.

>
> So which is the software stack to use for my pilot and the later production environment?
> I wouldn't like to use Fedora in company production environments. I would be really prefer to use RHEL6/6.1
> I also checked the latest avialable fedora 15 version. I only can find a alpha version iso from february, 28.
>
> I would really like to have a software stack which works with freeipa (client/server) and afs-server.

Yeah, this is a bit of a grey area right now. IPA does a lot of cat
herding and keeping all the various versions of the packages we require
in sync is very tedious.

For a pilot I think you'd be fine using Fedora 14 though I would
recommend doing some amount of re-testing in F-15 once it is released.
We've done 80% of our development in F-14 and it works very well. The
dogtag project built F-14 packages for us as a favor. They don't want to
support deployments of it because they've done zero testing of their own
on F-14. You'd need to build the packages yourself though, we haven't
pushed this to F-14 because of the dogtag issue. mock should be able to
build it fairly painlessly.

What I've done for my F-15 installations is to install F-14 and then
upgrade to Fedora-15 from there. It has been fairly painless. The GA IPA
release is in the stable repo of F-15 now.

regards

rob

>
>
> ----- Ursprüngliche Mail -----
> Von: "Sigbjorn Lie"<sigbjorn at nixtra.com>
> An: "Rob Crittenden"<rcritten at redhat.com>
> CC: "Roland KÃ¤ser"<roland.kaeser at intersoft-networks.ch>, freeipa-users at redhat.com
> Gesendet: Donnerstag, 31. März 2011 16:14:34
> Betreff: Re: [Freeipa-users] IPA Client join
>
>>
>> In rc2 we had to make a change to the OID used for some operations
>> because they were duplicated. The OID for the ipa-getkeytab operation was one of them, so older
>> clients don't work with newer servers. IIRC the EL6 ipa-client was based on the alpha 3 release.
>>
>> I attached a patch that gives the general idea of what needs to change.
>> It was originally for the EL 5 branch but it may work with few changes
>> in EL6.
>>
>
> Will there be an update to the ipa-client package in RHEL 6.0, or do we have to wait for RHEL 6.1?
>
>
> Rgds,
> Siggi
>
>
>

_______________________________________________
Freeipa-users mailing list
Freeipa-users at redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users