[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [Pkg-freeipa-devel] freeipa-server backport to Jessie?



On 15.04.2015 16:00, Holger Levsen wrote:
> Hi Timo,
> 
> On Dienstag, 14. April 2015, Timo Aaltonen wrote:
>>>> Server backport isn't too useful before replicas work, and that needs
>>>> libldap built against nss. Until that you're limited to single-server
>>>> setups.
> 
> uhm.
> 
>> No, dogtag, bind-dyndb-ldap and freeipa itself should be all that's
>> needed, if you're ok with the single-server limitation.
> 
> we that working here...
>  
>> Patching openldap to build libldap-nss-2.4-2 (or such) isn't trivial, as
>> the nss build would need patches of it's own (or lots of ifdefs)
> 
> which component needs openlda? freeipa uses the 389ds ldap service so I'm a 
> bit surprised by this...

ldaps:// access uses libldap + gnutls on Debian, but libldap + moznss on
Fedora world, and the latter is what Freeipa expects when setting up
replicas.

>> I think a CentOS install would be the best bet for now.
> 
> I'd be glad to work on overcoming this...

http://www.freeipa.org/page/V4/Replica_Promotion

Simo Sorce on #freeipa is glad to help you get going ;) The GSSAPI part
could be finished earlier than the rest of the replica install rewrite.

but this all has an "optimistic" release goal of 4.2, so later this year
maybe.


-- 
t

Attachment: signature.asc
Description: OpenPGP digital signature


Reply to: