[Freeipa-users] Ping forwarded domain name.

2016-11-21 Thread TomK
Hey guys, I'm forwarding a domain dom.abc.xyz from a Windows Server 2012 over to my dual Free IPA server. The Free IPA servers are authoritative for this subdomain. The Windows Server 2012 DNS resolves on abc.xyz and forwards dom.abc.xyz. I cannot ping dom.abc.xyz. Everything else,

Re: [Freeipa-users] Shadow Utils appears in sssd.conf

2016-11-21 Thread Lachlan Musicman
Great - thank you. That worked. Unfortunately SELinux creates too much overhead on a subset of our servers, so we have it disabled. cheers L. -- The most dangerous phrase in the language is, "We've always done it this way." - Grace Hopper On 16 November 2016 at 19:39, Lukas Slebodnik

Re: [Freeipa-users] keytab kvno differs between ipa servers

2016-11-21 Thread Bjarne Blichfeldt
ok Thanks I will try to debug that. No errors in the logs, the ldapsearch from your link works fine.. ok work ahead... Regards Bjarne Blichfeldt -Original Message- From: freeipa-users-boun...@redhat.com [mailto:freeipa-users-boun...@redhat.com] On Behalf Of Petr Spacek Sent: 21.

Re: [Freeipa-users] keytab kvno differs between ipa servers

2016-11-21 Thread Petr Spacek
On 21.11.2016 13:29, Bjarne Blichfeldt wrote: > IPA: VERSION: 4.4.0, API_VERSION: 2.213 > > This may be for lack of understanding the process, but.. > > When I retrieve a keytab for a principal using ipa-getkeytab, the kvno is > increased on the idm. > In our test environment we have two ipa

Re: [Freeipa-users] Something I don't get with FreeIPA and AD Trusts and Users and Groups

2016-11-21 Thread Alexander Bokovoy
On Mon, 21 Nov 2016, James Harrison wrote: Hi all, I have established an AD trust between Free IPA and our Windows network and it's working. No problems there. I have created the IDM Groups for active directory as proposed in section 5.5 of the Windows_Integration_Guide. Now what? The group in

Re: [Freeipa-users] LDAP bind permitted for expired passwords

2016-11-21 Thread Alexander Bokovoy
On Fri, 18 Nov 2016, Brian Candler wrote: Looking at FreeIPA 4.2 under CentOS 7: I find that LDAP simple binds succeed even for DNs whose krbPasswordExpiration time has passed. Is this fixed, or is it possible to change this? Not yet. We have a ticket you can look at and read the history of

Re: [Freeipa-users] krb5 and nfsv4 not working right

2016-11-21 Thread Alexander Bokovoy
On Wed, 16 Nov 2016, Bjarne Blichfeldt wrote: Try inserting this in /etc/gssproxy/gssproxy.conf: cred_store = ccache:FILE:/tmp/krb5cc_%U /etc/gssproxy/gssproxy.conf: [service/nfs-client] mechs = krb5 cred_store = keytab:/etc/krb5.keytab cred_store = ccache:FILE:/tmp/krb5cc_%U cred_store

Re: [Freeipa-users] State of External Users feature

2016-11-21 Thread Alexander Bokovoy
On Tue, 15 Nov 2016, Christoph Hösler wrote: The documentation about "External Users in FreeIPA" ( http://www.freeipa.org/page/External_Users_in_IPA) has not been updated for quite some time. What is the current state of this feature? Is it still on the roadmap? It is not currently considered

[Freeipa-users] Something I don't get with FreeIPA and AD Trusts and Users and Groups

2016-11-21 Thread James Harrison
Hi all, I have established an AD trust between Free IPA and our Windows network and it's working. No problems there. I have created the IDM Groups for active directory as proposed in section 5.5 of the Windows_Integration_Guide. Now what? The group in Free IPA I've created (from section 5.5)