[Authentication] Does realm honor ad-cli parameters?
Niklas Andersson
niklas.andersson at openforce.se
Tue Oct 18 15:04:55 UTC 2016
Reason is that seemingly not all servers are both read and write
(personally I find this strange, but that is how it was explained to me)
So we need to join with a specific set of servers, a sub-set of those in
the domain.
Regards,
Niklas
On 18/10/16 13:51, Stephen Gallagher wrote:
> On 10/18/2016 06:50 AM, Stef Walter wrote:
>> On 18.10.2016 11:32, Niklas Andersson wrote:
>>> Hi,
>>>
>>> Can I add ad-cli parameters to realm when joining? I am interested in
>>> using the --domain-controller parameter to specify a specific server to
>>> use for joining.
>>>
>>>
>>> I.e:
>>>
>>> realm join --membership-software=adcli
>>> --domain-controller=myspecificserver.mydomain.tld MYDOMAIN.TLD
>> Hmmm, I thought you could do:
>>
>> sudo realm join --membership-software=adcli \
>> myspecificserver.mydomain.tld
>>
>> Just join to the server, and I think it'll figure it out. Even the IP
>> address seems to work for AD domains.
>>
> Actually, the IP address thing seems not to work anymore for AD 2016 servers.
> I'm not sure the reasoning, but it would probably not be a terrible idea to
> simply disallow raw IPs for both AD and FreeIPA domains.
>
>
>
> _______________________________________________
> Authentication mailing list
> Authentication at lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/authentication
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/authentication/attachments/20161018/2ad474f3/attachment.html>
More information about the Authentication
mailing list