On Fri, Jan 03, 2014 at 12:33:16AM +0200, Genadi Postrilko wrote:
Here are the *sssd.log, **sssd_nss.log. *Other logs where empty of did not
contain the output for the relevant log in.
https://gist.github.com/anonymous/8228284
According to gist, you only provided the debug logs from the
On Thu, Jan 02, 2014 at 08:06:31PM +, Andrew Holway wrote:
/var/log/sssd/*
this is using bob@host (prattle.com is the windows domain)
https://gist.github.com/anonymous/ff817a251948ff58bdb1
this is using b...@prattle.com@host (prattle.com is the windows domain)
Thanks, these logs have
On Fri, Jan 03, 2014 at 12:29:11PM +0100, Jakub Hrozek wrote:
On Thu, Jan 02, 2014 at 08:06:31PM +, Andrew Holway wrote:
/var/log/sssd/*
this is using bob@host (prattle.com is the windows domain)
https://gist.github.com/anonymous/ff817a251948ff58bdb1
this is using
On 01/03/2014 02:23 AM, Will Sheldon wrote:
This is cause for concern. Is there a hardening / best practices for
production guide anywhere, did I miss a section of the documentation?
What else do I need to secure?
I understand that there is a tradeoff between security and
compatibility, but
On Fri, 2014-01-03 at 12:29 +0100, Jakub Hrozek wrote:
On Thu, Jan 02, 2014 at 08:06:31PM +, Andrew Holway wrote:
/var/log/sssd/*
this is using bob@host (prattle.com is the windows domain)
https://gist.github.com/anonymous/ff817a251948ff58bdb1
this is using b...@prattle.com@host
To generate the winbind logs on the server, can you do 'smbcontrol winbindd
debug 100', then request the trusted user. The winbind logs would be at
/var/log/samba/log.w*
I truncated all of the files in /var/log/samba and then make a single
login attempt. These are the files that were non zero
or simply run wbinfo on the server to check winbindd can properly
retrieve users before moving back to testing on client.
[r...@ipa.wibble.com ~]# wbinfo -i b...@prattle.com
failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
Could not get info for user b...@prattle.com
Would this be an
Here are the other logs as well (ldap_child.log, sssd_pac.log,
sssd_ssh.log).
https://gist.github.com/anonymous/8242061
I attempted to log in (as administra...@addc.com) at 9:04.
Thanks for the help.
___
Freeipa-users mailing list
Thanks Petr, that certainly makes sense from the point of view of
functionality.
I do think the default is sane, but there are a lot of possible deployment
scenarios and my concern is that a junior or time poor admin looking to
implement a trusted, secure solution should be made aware of any
[r...@ipa.wibble.com ~]# wbinfo --all-domains
BUILTIN
WIBBLE
PRATTLE
[r...@ipa.wibble.com ~]# wbinfo --own-domain
WIBBLE
On 3 January 2014 15:06, Andrew Holway andrew.hol...@gmail.com wrote:
or simply run wbinfo on the server to check winbindd can properly
retrieve users before moving back to
On 01/03/2014 12:50 PM, Will Sheldon wrote:
Thanks Petr, that certainly makes sense from the point of view of
functionality.
I do think the default is sane, but there are a lot of possible
deployment scenarios and my concern is that a junior or time poor
admin looking to implement a trusted,
On Fri, Jan 3, 2014 at 10:29 AM, Dmitri Pal d...@redhat.com wrote:
On 01/03/2014 12:50 PM, Will Sheldon wrote:
Thanks Petr, that certainly makes sense from the point of view of
functionality.
I do think the default is sane, but there are a lot of possible deployment
scenarios and my
On 01/03/2014 02:33 PM, Stephen Ingram wrote:
On Fri, Jan 3, 2014 at 10:29 AM, Dmitri Pal d...@redhat.com
mailto:d...@redhat.com wrote:
On 01/03/2014 12:50 PM, Will Sheldon wrote:
Thanks Petr, that certainly makes sense from the point of view of
functionality.
I do think
On Fri, Jan 3, 2014 at 11:37 AM, Dmitri Pal d...@redhat.com wrote:
On 01/03/2014 02:33 PM, Stephen Ingram wrote:
On Fri, Jan 3, 2014 at 10:29 AM, Dmitri Pal d...@redhat.com wrote:
On 01/03/2014 12:50 PM, Will Sheldon wrote:
Thanks Petr, that certainly makes sense from the point of view
When attempting to run the second part of the installation with an
external CA (Globalsign) using my signed certificate and CA certificate
chain I get the following;
[root@ldapm6x00 ~]# ipa-server-install
--external_cert_file=/root/ldapm6x00.sun.weather.com.crt
Hi Experts ,
I am trying to run a script from a remote server which creates user principals
and generate keytabs on my ipa server installed on CentOS6.5 ipav3 . The issue
that I am getting is that when i run the same script from the terminal of the
remote server it runs fine and retrieves
James Scollard wrote:
When attempting to run the second part of the installation with an
external CA (Globalsign) using my signed certificate and CA certificate
chain I get the following;
[root@ldapm6x00 ~]# ipa-server-install
--external_cert_file=/root/ldapm6x00.sun.weather.com.crt
Zulkifal Ahmad wrote:
Hi Experts ,
I am trying to run a script from a remote server which creates user
principals and generate keytabs on my ipa server installed on CentOS6.5
ipav3 . The issue that I am getting is that when i run the same script
from the terminal of the remote server it runs
Thanks for the reply,
Version:
Package freeipa-server-3.3.3-2.fc19.x86_64 already installed and latest
version...
I'm not sure I understand the answer.
I created the CSR and they signed it using their automation, and
returned the new ones to me for installation, which failed.
On 01/03/2014 04:13 PM, James Scollard wrote:
Thanks for the reply,
Version:
Package freeipa-server-3.3.3-2.fc19.x86_64 already installed and
latest version...
I'm not sure I understand the answer.
I created the CSR and they signed it using their automation, and
returned the new ones to
20 matches
Mail list logo