Bug 571896

Summary: kpasswd does not work if the kdc is setup as a slave server.
Product: [Fedora] Fedora Reporter: Daniel Walsh <dwalsh>
Component: sssdAssignee: Stephen Gallagher <sgallagh>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: 13CC: jhrozek, sbose, sgallagh, ssorce
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Fixed In Version: sssd-1.1.1-3.fc13 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-04-28 11:03:33 EDT Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Daniel Walsh 2010-03-09 14:47:03 EST
Description of problem:

sssd needs to be able to differentiate between the kerberos kdc server from the kerberos admin server.

My kdc is kerberos.boston.redhat.com
admin server is kerberos.corp.redhat.com
Comment 1 Stephen Gallagher 2010-03-09 15:57:49 EST
I propose the following fix: we add an option krb5_kadmin, which is optional. If it is unspecified, we assume that krb5_kdcip is also a kadmin server, as we have been doing.
Comment 2 Simo Sorce 2010-03-09 16:14:52 EST
we should really use krb5.conf here imo
Comment 3 Stephen Gallagher 2010-03-10 07:11:00 EST
Simo, can you please clarify that comment? I don't understand what you're proposing.
Comment 4 Stephen Gallagher 2010-03-10 07:29:01 EST
This is being tracked upstream in ticket:
Comment 5 Stephen Gallagher 2010-03-15 11:29:26 EDT
This bug has been fixed upstream. A package will be forthcoming in Fedora shortly.
Comment 6 Fedora Admin XMLRPC Client 2010-04-28 10:48:52 EDT
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.