Jan Frode Myklebust wrote:
Well, if you are just starting out with Fedora DS + Kerberos, that would be the way to go - but since you're not . . .On 2008-06-12, Rich Megginson <rmeggins@xxxxxxxxxx> wrote:freeipa.org is a project dedicated to answering this and other similar ldap+kerberos questions.Is the normal procedure for managing users: - add user info to the directory (ldapadd) - create user principal (addprinc username) Or can the creation of user principal be automatically created from within fds when we create users there ?That felt a bit like an "Active Directory is a solution that does what you're trying to do, why don't you just use that" answer.. ;-)
. . . you have to know about both resources, and keep them both in sync. I don't know much about Sun Identity Manager - perhaps it has tools to help you do this.I know about freeipa.org, have read most of the documentation and even lightly tested it. But, freeipa expects you to add/manipulate users trough a webgui, or specialized freeipa-commands. That doesn't tell me muchabout what's happening behind the scene..Also, we already have an identity management solution deployed (Sun Identity Manager), so my question is mostly if it should just update the directory server, and have the directory server create the kerberos principals. Or if it needs to know about both resources, and keep them both in sync.
-jf -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
<<attachment: smime.p7s>>
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
