mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-25 08:21:05 -06:00
Removed recommendation from ipa-adtrust-install
In the wiki we say it's not longer necessary to make the IPA LDAP server not reachable by any AD domain controller. To be consistence, the setup tool should reflext this statement. https://fedorahosted.org/freeipa/ticket/4977 Reviewed-By: Gabe Alford <redhatrises@gmail.com>
This commit is contained in:
parent
3d2feac0e4
commit
22d3a93bbc
@ -429,15 +429,6 @@ You must make sure these network ports are open:
|
||||
\t * 389: (C)LDAP
|
||||
\t * 445: microsoft-ds
|
||||
|
||||
Additionally you have to make sure the FreeIPA LDAP server is not reachable
|
||||
by any domain controller in the Active Directory domain by closing down
|
||||
the following ports for these servers:
|
||||
\tTCP Ports:
|
||||
\t * 389, 636: LDAP/LDAPS
|
||||
|
||||
You may want to choose to REJECT the network packets instead of DROPing
|
||||
them to avoid timeouts on the AD domain controllers.
|
||||
|
||||
=============================================================================
|
||||
"""
|
||||
if admin_password:
|
||||
|
Loading…
Reference in New Issue
Block a user