Skip to Content.
Sympa Menu

grouper-users - Re: [grouper-users] Freeipa

Subject: Grouper Users - Open Discussion List

List archive

Re: [grouper-users] Freeipa

Chronological Thread 
  • From: Jeffrey Williams <>
  • To: Jeffrey Crawford <>
  • Cc: "Hyzer, Chris" <>, Cleuson De Oliveira Alves <>, "" <>
  • Subject: Re: [grouper-users] Freeipa
  • Date: Thu, 20 Jul 2017 12:38:54 -0400
  • Ironport-phdr: 9a23:cUurlxV5JnHxzaov5xTefS3+Ih7V8LGtZVwlr6E/grcLSJyIuqrYbBGFt8tkgFKBZ4jH8fUM07OQ6PGwHzRYqb+681k6OKRWUBEEjchE1ycBO+WiTXPBEfjxciYhF95DXlI2t1uyMExSBdqsLwaK+i764jEdAAjwOhRoLerpBIHSk9631+ev8JHPfglEnjSwbLdxIRmssQndqtQdjJd/JKo21hbHuGZDdf5MxWNvK1KTnhL86dm18ZV+7SleuO8v+tBZX6nicKs2UbJXDDI9M2Ao/8LrrgXMTRGO5nQHTGoblAdDDhXf4xH7WpfxtTb6tvZ41SKHM8D6Uaw4VDK/5KpwVhTmlDkIOCI48GHPi8x/kqRboA66pxdix4LYeZyZOOZicq/Ye94RWGhPUdtLVyFZAIy8YYsBAeQCM+hFsYfyu0ADogGiCQS2Hu7j1iNEi33w0KYn0+ohCwbG3Ak4EtwKrnvUotv1NL0MXuG10aLHzTTDb/dS2Tf88ofIdwshquyLULJyf8rQx0gvFwfBjlWRs4PoJC6V1uIRvGiU9eZvS/+gi3M+pgx3vzOhyMAsiozTiYIUzFDJ7St5wJwrKtKmSU57ecSrHIFXtyGAOIt7RN4pTWJwuCsi1LELuIK3cSoPxZQpxBPQcOCLfo2H7x7/SOqePTJ1i255dL+8ghu/9FasxvPgWcSyzV1EtDBKksPWuXAIzxHT6taISv96/kq53DaAzQHT6uVdLUApj6XXN4ctw7EumpYNrUvPBCD2mELxjK+ZckUr5PKk5PjgYrXjvpOcNol0hR/iMqk2hMCyAPg0PwoLUmiV+umzz6Hv8Ej2TblWkvE5jqzUv4zGKckYo6O0BhFZ3pg/5BqnCjepytUYnX0JLFJffxKHipDkO1PAIPH2DPe/h1CskDZxyP3dI73hBInCLnfZnLj/YLl99lZQyBAvwtBH+5JUFrYBLer8Wk/rs9zYEwc5PBKuw+r+FdV9zZ0RWXiUAqKCNKPSsESI5v40I+WSfoMVuTD9K+Q76P70i382h0Mdcbez0ZQJdX+4A6cuH0LMQ3fijM0MAC8hpAMhQuvwhBXWUzNdaWy/TqkU+zogA8SrAZqVFa63h7nU/iq1EIdbdyh5C1SIEH7tbM3QWfkTaSaWI8ZJjzoPWv6sR5J3hkLmjxPz17cydrmcwSYfr5+2kYEtv+A=

If the IPA server itself is defined in its built-in DNS server, with his current DNS servers defined as targets for forwarding, he can, and should, point his hosts to his IPA server for DNS.  It's been a while since I stood up a fresh one, but I think that is done during ipa-server-install.

If DNS is to be external to IPA, there'll need to be the appropriate ports and authorizations given to IPA to be able to modify the records as needed.  I'd highly recommend reading the Deployment Recommendations, particularly the sections regarding DNS:

On Thu, Jul 20, 2017 at 12:22 PM, Jeffrey Crawford <> wrote:
Usually a host would be resolvable using DNS, Are you talking about needing to use the IP address but the java software refuses because the hostname config doesn't match the certificate if you use an IP address?

Jeffrey E. Crawford
Enterprise Service Team
    ^         ^
   / \  ^    / \    ^
  /   \/ \  /   \  / \
 /        \/     \/   \
/                      \

You have been assigned this mountain to prove to others that it *can* be moved.

On Wed, Jul 19, 2017 at 12:27 PM, Jeffrey Williams <> wrote:

Almost certainly not(I just happen to use freeIPA at home).  freeIPA (identity, policy, audit) is another software product (info at

Cleuson, if you search forums specific to your serverOS implementation for IPA questions, you may have better luck.  This list is for another software effort.


On Wed, Jul 19, 2017 at 2:34 PM, Hyzer, Chris <> wrote:

Is this a Grouper question?  Or spam?  Please explain


From: [mailto:] On Behalf Of Cleuson De Oliveira Alves
Sent: Wednesday, July 19, 2017 2:29 PM
Subject: [grouper-users] Freeipa


Hello, I need to remotely access the freeipa server from multiple hosts without having to put the IP and server name inside / etc / hosts.
Can anybody help me?
Thank you.

Desde Já Grato.

Cleuson de O.Alves - STI - Analista de TI
'Não tenha medo de ter idéias ruins. Ruim é não ter idéias.(Seth Godin)



Jeffrey Williams, SQL Server 2012 MCSA, Windows Server 2012 MCSA
Identity Management Specialist
Identity Architecture, ITS
University of North Carolina at Greensboro
256-TECH (256-8324)

Jeffrey Williams, SQL Server 2012 MCSA, Windows Server 2012 MCSA
Identity Management Specialist
Identity Architecture, ITS
University of North Carolina at Greensboro
256-TECH (256-8324)

Archive powered by MHonArc 2.6.19.

Top of Page