IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Re-format ipa-adtrust-install final message to be within 80 characters wide

Browse Source 
https://fedorahosted.org/freeipa/ticket/2857
This commit is contained in:
Alexander Bokovoy 2012-06-21 16:19:27 +03:00 committed by Martin Kosek
parent 0e3d064ac1
commit 5a982358b5
1 changed files with 28 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
install/tools/ipa-adtrust-install
View File

@ -210,30 +210,34 @@ def main():
netbios_name, options.no_msdcs)
smb.create_instance()
print "=============================================================================="
print "Setup complete"
print ""
print "\tYou must make sure these network ports are open:"
print "\t\tTCP Ports:"
print "\t\t * 138: netbios-dgm"
print "\t\t * 139: netbios-ssn"
print "\t\t * 445: microsoft-ds"
print "\t\tUDP Ports:"
print "\t\t * 138: netbios-dgm"
print "\t\t * 139: netbios-ssn"
print "\t\t * 389: (C)LDAP"
print "\t\t * 445: microsoft-ds"
print ""
print "\tAdditionally you have to make sure the FreeIPA LDAP server cannot be reached"
print "\tby any domain controller in the Active Directory domain by closing the"
print "\tfollowing ports for these servers:"
print "\t\tTCP Ports:"
print "\t\t * 389, 636: LDAP/LDAPS"
print "\tYou may want to choose to REJECT the network packets instead of DROPing them"
print "\tto avoid timeouts on the AD domain controllers."
print ""
print "\tWARNING: you MUST re-kinit admin user before using 'ipa trust-*' commands family"
print "\tin order to re-generate Kerberos tickets to include AD-specific information"
print """
=============================================================================
Setup complete
You must make sure these network ports are open:
\tTCP Ports:
\t * 138: netbios-dgm
\t * 139: netbios-ssn
\t * 445: microsoft-ds
\tUDP Ports:
\t * 138: netbios-dgm
\t * 139: netbios-ssn
\t * 389: (C)LDAP
\t * 445: microsoft-ds
Additionally you have to make sure the FreeIPA LDAP server is not reachable
by any domain controller in the Active Directory domain by closing down
the following ports for these servers:
\tTCP Ports:
\t * 389, 636: LDAP/LDAPS
You may want to choose to REJECT the network packets instead of DROPing
them to avoid timeouts on the AD domain controllers.
=============================================================================
WARNING: you MUST re-kinit admin user before using 'ipa trust-*' commands
family in order to re-generate Kerberos tickets to include AD-specific
information"""
return 0