On Sun, Mar 13, 2016 at 03:34:27PM +0200, Alexander Bokovoy wrote: > On Sun, 13 Mar 2016, lejeczek wrote: > >IPA install process configured in sssd.conf: > >[domain/new.Domain] > >cache_credentials = True > >krb5_store_password_if_offline = True > >ipa_domain = newDomain > >id_provider = ipa > >... > >... > >[domain/default] # < this is ldap that existed before, kbr5 related > >options are new additions > >autofs_provider = ldap > >cache_credentials = True > >krb5_realm = new.Domain > >ldap_search_base = dc=old,dc=domain > >id_provider = ldap > >krb5_server = a.host > > > >[sssd] > >services = nss, sudo, pam, autofs, ssh > >config_file_version = 2 > >domains =new.Domain > > > >so here I wonder, what's the meaning of kbr5 related options and why > >install process put it into default domain which it did not include later > >in sssd section. > FreeIPA installer doesn't touch 'default' domain section at all. It > always operates on the section named 'domain/<domain name>'.
'default' is the reserved name that authconfig uses. I also wonder why does the domain use id_provider=ldap.. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
