On pe, 22 marras 2019, Charles Hedrick wrote:
Bound in the sense that it has the hostname as part of the principal,
not in the sense that there’s any actual connection with that host when
you use it.
Dmitry Perets wants to use the same principal and key table on several
hosts. They can simply create a principal for one of them. It and its
key table can be used anywhere. We do it regularly. I would prefer this
not to work, but it does.
Correct. And it doesn't need any of the newer functionality too.
On Nov 22, 2019, at 2:40 PM, Alexander Bokovoy
<aboko...@redhat.com<mailto:aboko...@redhat.com>> wrote:
No, this is not really what it is. Service principals are always bound
to a host name but starting with FreeIPA 4.7.0 it is possible to create
service principals that have no host object with the same host name.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
