#4791 Allow FreeIPA-Kerberos trusts in DAL driver
Closed: Fixed None Opened 4 years ago by pspacek.

Currently DAL driver prevents users from using Kerberos-FreeIPA trusts and errors our with "KDC policy rejects request" message.

The check is too restrictive and should be removed.

Details:
https://www.redhat.com/archives/freeipa-users/2014-December/msg00045.html


The check should merely be relaxed so that file based configuration can also be used.

master:

  • 92c3a9f ipa-kdb: when processing transitions, hand over unknown ones to KDC

ipa-4-1:

  • 0d3b4cd ipa-kdb: when processing transitions, hand over unknown ones to KDC

Metadata Update from @pspacek:
- Issue assigned to abbra
- Issue set to the milestone: FreeIPA 4.1.3

2 years ago

Login to comment on this ticket.

Metadata