Hi Rob, Thanks for the info. Sure I will create the ticket and will certainly try to pick the low-hanging fruit :-)
-- http://about.me/chandank On Thu, Sep 26, 2013 at 7:51 PM, Rob Crittenden <rcrit...@redhat.com> wrote: > Chandan Kumar wrote: > >> Hello, >> >> I have basic configuration question, my apologies if it has already been >> discussed. >> >> I have ipa-server-3 server installed with default parameters with >> replication. >> >> We have Linux machines across different geo location and I would like to >> integrate them into IPA server, however, I don't want external clients >> to connect the server on standard port. >> >> For example, during ipa-client registration it requires all IPA services >> to be running on default port. >> >> Such as : trying https://ipa01.my.net/ipa/xml >> >> kdc = ipa01.my.net:88 <http://ipa01.my.net:88> >> master_kdc = ipa01.my.net:88 <http://ipa01.my.net:88> >> admin_server = ipa01.my.net:749 <http://ipa01.my.net:749> >> >> >> Is there any way in ipa-client-install or sssd file to instruct IPA >> client to connect to IPA server on no-standard ports such as >> >> trying https://ipa01.my.net:8080/ipa/**xml<https://ipa01.my.net:8080/ipa/xml> >> >> This way I don't have to allocate a separate IP or additional web server >> to redirect the requests a simple NAT at firewall will do such as >> external 8080 -> internal 443 >> > > Currently there is no way to do this. I'd have sworn we had a ticket to > add this but a quick search didn't turn it up. If you'd like this supported > feel free to open a ticket at > https://fedorahosted.org/**freeipa/newticket<https://fedorahosted.org/freeipa/newticket> > > I don't think this would be tremendously difficult to do, the trick would > be communicating the port to clients somehow while they are trying to > enroll. A command-line option would probably be the shortest path. > > This may be decent low-hanging fruit if you're interested in being a > contributor to IPA. > > rob >
_______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users