Bug 810987 - AIX client documentation order clarification.
AIX client documentation order clarification.
Product: Fedora
Classification: Fedora
Component: freeipa (Show other bugs)
All All
unspecified Severity medium
: ---
: ---
Assigned To: Rob Crittenden
Fedora Extras Quality Assurance
Depends On:
Blocks: 810990
  Show dependency treegraph
Reported: 2012-04-09 15:37 EDT by Jason Balicki
Modified: 2012-05-03 06:53 EDT (History)
8 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 810990 (view as bug list)
Last Closed: 2012-05-03 06:53:44 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Jason Balicki 2012-04-09 15:37:27 EDT
Description of problem:

Step 3 of the AIX client installation documentation states:

"Configure the LDAP client settings to use the IPA directory services:
# mksecldap -c -h ipaserver.example.com -d cn=accounts,dc=example,dc=com -a uid=nss,cn=sysaccounts,cn=etc,dc=example,dc=com -p secret"

However, this user is not created on the ipa server until step 11 h:

"On the IPA server, add a user that is only used for authentication. (This can be substituted with krb5 authentication if that works from the LDAP client). Otherwise go to the IPA server and use ldapmodify, bind as Directory Manager and create this user. The user should be assigned a shared password.
ldapmodify -D "cn=directory manager" -w secret -p 389 -h ipaserver.example.com -x -a

dn: uid=nss,cn=sysaccounts,cn=etc,dc=example,dc=com
objectClass: account
objectClass: simplesecurityobject
objectClass: top
uid: nss
userPassword: secretpassword"

If a user follows these instructions in this order then the mksecldap command will fail.

Step 11 h should be moved to step 3 a, and the existing step 3 should be moved to step 3 b.
Comment 1 Martin Kosek 2012-04-23 07:27:51 EDT
Upstream ticket:

Note You need to log in before you can comment on or make changes to this bug.