2.16. ipa-client

The ipa-client package provides a tool to enroll a machine to an IPA version 2 server. IPA (Identity, Policy and Audit) is an integrated solution to provide centrally managed identity, that is, machine, user, virtual machines, groups, and authentication credentials.
  • Sometimes, the krb5.conf file contains incorrect SELinux context, namely, when the krb5.conf is not created by default, or the IPA client is installed, un-installed, or re-installed. AVC denials can therefore occur in such scenarios.
  • Attempting to run the ipa-client-install command with the --no-sssd option fails with the following error message:
    authconfig: error: no such option: --enableforcelegacy
    
    (BZ#852746)