Bug 810987 - AIX client documentation order clarification.
Summary: AIX client documentation order clarification.
Keywords:
Status: CLOSED UPSTREAM
Alias: None
Product: Fedora
Classification: Fedora
Component: freeipa
Version: 16
Hardware: All
OS: All
unspecified
medium
Target Milestone: ---
Assignee: Rob Crittenden
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: 810990
TreeView+ depends on / blocked
 
Reported: 2012-04-09 19:37 UTC by Jason Balicki
Modified: 2012-05-03 10:53 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 810990 (view as bug list)
Environment:
Last Closed: 2012-05-03 10:53:44 UTC
Type: Bug
Embargoed:


Attachments (Terms of Use)

Description Jason Balicki 2012-04-09 19:37:27 UTC
Description of problem:

Step 3 of the AIX client installation documentation states:

"Configure the LDAP client settings to use the IPA directory services:
# mksecldap -c -h ipaserver.example.com -d cn=accounts,dc=example,dc=com -a uid=nss,cn=sysaccounts,cn=etc,dc=example,dc=com -p secret"

However, this user is not created on the ipa server until step 11 h:

"On the IPA server, add a user that is only used for authentication. (This can be substituted with krb5 authentication if that works from the LDAP client). Otherwise go to the IPA server and use ldapmodify, bind as Directory Manager and create this user. The user should be assigned a shared password.
ldapmodify -D "cn=directory manager" -w secret -p 389 -h ipaserver.example.com -x -a

dn: uid=nss,cn=sysaccounts,cn=etc,dc=example,dc=com
objectClass: account
objectClass: simplesecurityobject
objectClass: top
uid: nss
userPassword: secretpassword"

If a user follows these instructions in this order then the mksecldap command will fail.

Step 11 h should be moved to step 3 a, and the existing step 3 should be moved to step 3 b.

Comment 1 Martin Kosek 2012-04-23 11:27:51 UTC
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/2666


Note You need to log in before you can comment on or make changes to this bug.