Hi David,
I am referring only to people changing their passwords on the web interface, so I
don't think the clients or Nginx would have to talk to port 464?
Cheers,
Doug
________________________________
From: Alston, David <David.Alston(a)sabre.com>
Sent: 11 September 2017 17:52:55
To: FreeIPA users list
Cc: Doug Kelly (Digital)
Subject: RE: Nginx in front of IPA?
** This mail has been sent from an external source **
Greetings!
Password changes will use Kerberos port 464. Is Nginx forwarding port 464 to
whatever domain controllers are managing the users who want to change their password?
--David Alston
From: doug.kelly--- via FreeIPA-users [mailto:freeipa-users@lists.fedorahosted.org]
Sent: Monday, September 11, 2017 10:16 AM
To: freeipa-users(a)lists.fedorahosted.org
Cc: doug.kelly(a)wipro.com
Subject: [Freeipa-users] Nginx in front of IPA?
Hi,
We have an "interesting" set up here and ultimately it means that some of our
users are on a network that can't access the domain that the IPA servers are on so
can't reset their passwords. However, they do have access to a domain that we can
proxy requests through to get to IPA.
Through googling a bit I saw people mention changing 'xmlrpc_uri' in
/etc/ipa/default.conf along with some proxy settings for nginx but couldn't really see
anything "official".
Has anyone successfully put nginx in front of a cluster of IPA servers? Is there any
documentation to detail the steps involved?
Thanks,
Doug
Wipro Limited (Company Regn No in UK FC 019088) Address: Level 2, West wing, 3 Sheldon
Square, London W2 6PS, United Kingdom. Tel +44 20 7432 8500 Fax: +44 20 7286 5703 VAT
Number: 563 1964 27 (Branch of Wipro Limited (Incorporated in India at Bangalore with
limited liability vide Reg no L99999KA1945PLC02800 with Registrar of Companies at
Bangalore, India. Authorized share capital Rs 5550 mn)) Please do not print this email
unless it is absolutely necessary. The information contained in this electronic message
and any attachments to this message are intended for the exclusive use of the addressee(s)
and may contain proprietary, confidential or privileged information. If you are not the
intended recipient, you should not disseminate, distribute or copy this e-mail. Please
notify the sender immediately and destroy all copies of this message and any attachments.
WARNING: Computer viruses can be transmitted via email. The recipient should check this
email and any attachments for the presence of viruses. The company accepts no liability
for any damage caused by any virus transmitted by this email.
www.wipro.com<https://clicktime.symantec.com/a/1/H_4TZpBE_a2GVtGyhaMM3...
______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit
http://www.symanteccloud.com<https://clicktime.symantec.com/a/1/Ch_iWk...
______________________________________________________________________
______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit
http://www.symanteccloud.com
______________________________________________________________________
Wipro Limited (Company Regn No in UK FC 019088) Address: Level 2, West wing, 3 Sheldon
Square, London W2 6PS, United Kingdom. Tel +44 20 7432 8500 Fax: +44 20 7286 5703 VAT
Number: 563 1964 27 (Branch of Wipro Limited (Incorporated in India at Bangalore with
limited liability vide Reg no L99999KA1945PLC02800 with Registrar of Companies at
Bangalore, India. Authorized share capital Rs 5550 mn)) Please do not print this email
unless it is absolutely necessary. The information contained in this electronic message
and any attachments to this message are intended for the exclusive use of the addressee(s)
and may contain proprietary, confidential or privileged information. If you are not the
intended recipient, you should not disseminate, distribute or copy this e-mail. Please
notify the sender immediately and destroy all copies of this message and any attachments.
WARNING: Computer viruses can be transmitted via email. The recipient should check this
email and any attachments for the presence of viruses. The company accepts no liability
for any damage caused by any virus transmitted by this email.
www.wipro.com
______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit
http://www.symanteccloud.com
______________________________________________________________________