On Thu, 2011-12-29 at 13:13 -0500, Boris Epstein wrote: > > > On Wed, Dec 28, 2011 at 10:18 PM, Simo Sorce <[email protected]> wrote: > On Wed, 2011-12-28 at 11:11 -0500, Boris Epstein wrote: > > Hello listmates, > > > > > > Apparently, in order to authenticate a Mac OS X Lion client > to NIS one > > needs passwords encrypted in MD5 hash shown in the passwd > and > > passwd.byname maps. FreeIPA at this point only shows a "*". > Is there a > > way to change that? > > > No, we decided that one of the rules with FreeIPA was to never > expose > hashes to clients. Same reason why we do not export a shadow > map for > example. > > With Mac OS X you should be better off using just LDAP auth. > > > > > Simo, thanks! > > > Is there a decent manual on how to link up Mac OS X (specifically, > V10.7, "Lion") to a FreeIPA server as an LDAP client? I tried that - > and just seem to be getting nowhere as the Mac wouldn't even give me > an error message (or perhaps it is my fault for not knowing where to > look but I am just lost there). > Unfortunately I am not very well versed in Mac-ism, but we have an old page in our docs, and although it states it is valid only for freeipa v1 I see that it has links to some configuration guide for ldap:
http://www.freeipa.org/page/ConfiguringMACOSXTigerClient This other page seem to apply only to 10.4 instead: http://www.freeipa.org/page/ConfiguringMacintoshClients HTH, Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
