On 01/16/2013 03:10 PM, Simo Sorce wrote: > On Wed, 2013-01-16 at 15:01 +0100, Martin Kosek wrote: >> On 01/16/2013 02:50 PM, Simo Sorce wrote: >>> On Wed, 2013-01-16 at 10:42 +0100, Martin Kosek wrote: >>>> IPA installer sometimes tries to connect to the Directory Server >>>> via loopback address 127.0.0.1. However, the Directory Server on >>>> pure IPv6 systems may not be listening on this address. This address >>>> may not even be available. >>>> >>>> Rather use the FQDN of the server when connecting to the DS to fix >>>> this issue and make the connection consistent ldapmodify calls which >>>> also use FQDN instead of IP address. >>>> >>>> https://fedorahosted.org/freeipa/ticket/3355 >>> >>> Martin, >>> shouldn't the installer rather always use the ldapi socket ? >>> >>> Simo. >>> >> >> Probably yes, but the fix would be much more intrusive than the current patch >> as we connect to ldap://$HOST:389 all over the installer code. My intention >> was >> to prepare rather a short fix for the upcoming release... > > Uhmm wouldn't you just need to replace ldap://$HOST:389 with > ldapi://path ? > > However it is understandable to have a short term fix, but can you open > a ticket for the longer term goal of moving away from TCP connections to > LDAPI ones ? > > Simo. >
Sure. I updated ticket https://fedorahosted.org/freeipa/ticket/3272 which already plans to fix other inappropriate protocol in installer code. Martin _______________________________________________ Freeipa-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-devel
