Removed recommendation from ipa-adtrust-install

In the wiki we say it's not longer necessary to make the IPA LDAP server not
reachable by any AD domain controller. To be consistence, the setup tool
should reflext this statement.

https://fedorahosted.org/freeipa/ticket/4977

Reviewed-By: Gabe Alford <redhatrises@gmail.com>
This commit is contained in:
Thorsten Scherf 2015-04-10 15:26:28 +02:00 committed by Petr Vobornik
parent 3d2feac0e4
commit 22d3a93bbc

View File

@ -429,15 +429,6 @@ You must make sure these network ports are open:
\t * 389: (C)LDAP
\t * 445: microsoft-ds
Additionally you have to make sure the FreeIPA LDAP server is not reachable
by any domain controller in the Active Directory domain by closing down
the following ports for these servers:
\tTCP Ports:
\t * 389, 636: LDAP/LDAPS
You may want to choose to REJECT the network packets instead of DROPing
them to avoid timeouts on the AD domain controllers.
=============================================================================
"""
if admin_password: