diff options
| author | Alexander Bokovoy <abokovoy@redhat.com> | 2012-05-15 20:03:16 +0300 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2012-06-07 09:39:10 +0200 |
| commit | bd0d85804320e840db9b5cf19a5e69b3a0804e20 (patch) | |
| tree | 0741271180b207f68b652570c9930ebc3fdbe105 /install/tools | |
| parent | 000bcfe34f318f613ec7c8744b3f886ef4ffb8ba (diff) | |
| download | freeipa-bd0d85804320e840db9b5cf19a5e69b3a0804e20.tar.gz freeipa-bd0d85804320e840db9b5cf19a5e69b3a0804e20.tar.xz freeipa-bd0d85804320e840db9b5cf19a5e69b3a0804e20.zip | |
Add trust-related ACIs
A high-level description of the design and ACIs for trusts is available at
https://www.redhat.com/archives/freeipa-devel/2011-December/msg00224.html
and
https://www.redhat.com/archives/freeipa-devel/2011-December/msg00248.html
Ticket #1731
Diffstat (limited to 'install/tools')
| -rwxr-xr-x | install/tools/ipa-adtrust-install | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/install/tools/ipa-adtrust-install b/install/tools/ipa-adtrust-install index f82d5bb82..c0b477102 100755 --- a/install/tools/ipa-adtrust-install +++ b/install/tools/ipa-adtrust-install @@ -224,13 +224,16 @@ def main(): print "\t\t * 389: (C)LDAP" print "\t\t * 445: microsoft-ds" print "" - print "\tAdditionally you have to make sure the FreeIPA LDAP server cannot reached" + print "\tAdditionally you have to make sure the FreeIPA LDAP server cannot be reached" print "\tby any domain controller in the Active Directory domain by closing the" print "\tfollowing ports for these servers:" print "\t\tTCP Ports:" print "\t\t * 389, 636: LDAP/LDAPS" print "\tYou may want to choose to REJECT the network packets instead of DROPing them" print "\tto avoid timeouts on the AD domain controllers." + print "" + print "\tWARNING: you MUST re-kinit admin user before using 'ipa trust-*' commands family" + print "\tin order to re-generate Kerberos tickets to include AD-specific information" return 0 |