Tomas Babej wrote:
On 09/26/2012 09:32 PM, Rob Crittenden wrote:
Tomas Babej wrote:
Hi,

Connection error message in ipa-client-install now warns the user
about the need of opening 389 port for directory server.

https://fedorahosted.org/freeipa/ticket/2816

I think this can be pushed as a one-liner.

I think we should list all ports that are required for client enrollment.

From my calculations we need at a minimum tcp ports 80 and 389, either
or both udp/tcp for port 88 and if NTP is enabled 123 udp for
enrollment alone. The NTP failure won't cause enrollment to fail
though, so we may be able to skip that.

Similarly 464 should be enabled but we don't use it during enrollment.

rob
I improved the error message. Please check if there are any issues.

Thanks

Tomas

This only works if port 389 is blocked, not 88 or 80.

rob

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to