[CentOS] FreeIPA

Wed Apr 8 12:27:08 UTC 2009
Craig White <craigwhite at azapple.com>

On Wed, 2009-04-08 at 13:26 +0200, Fabian Arrotin wrote:
> Craig White wrote:
> > doing some googling, this seems to be about the most current/relevant
> > thing I have found wrt to running freeipa server on CentOS
> > 
> > http://howtoforge.com/how-to-build-rhel-ipa-rpms-for-centos-5
> > 
> > which I'm not totally adverse to doing but I have to ask, is there
> > something packaged? (I've looked in 'testing' and in 'extras' and in
> > epel)
> > 
> > Has anyone followed some other instructions?
> > 
> > Craig
> >
> 
> I spoke with Simo Sorce at the Fosdem event regarding that (having 
> IPA/FreeIPA rpms sitting in the Extras repository)
> Due to the fact that Red Hat made it clear now that the actual RHEIPA 
> will be discontinued (at least in its actual form and will probably 
> change to something else ...) we still don't know what direction to take.
> Rebuilding FreeIPA is probably possible too but how long will that be 
> possible ? FreeIPA isn't looking at being backward compatible and don't 
> focus on RHEL interopability. It can probably work for a certain time, 
> but surely not as long as an Enterprise timelife ... That's maybe worth 
> discussing it though.
> On the other hand, centos-ds is in the testing repo for a while and 
> there were not a lot of feedback : the plan is/was to move it to extras 
> when enough testing/reports have hit the -devel list ...
----
obviously Simo is in a position to know about these things.

I guess the thing that surprises me is that I went to the Red Hat road
show last September and they were promoting FreeIPA as the up and coming
technology and so I was rather shocked that it seemed impossible (to me
anyway) to build a reasonably current version on CentOS (and by
extension, RHEL).

I will install CentOS-DS but I suspect that what I will find is that it
is a stable version of Fedora-DS which is fine, but I have Fedora-DS
running somewhere else already and by itself, it didn't give me any
goosebumps and was more painful to setup than OpenLDAP.

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.