On pe, 12 touko 2017, Felix Chu wrote:
Thanks your info. So it means we cannot use FreeIPA server if we
require MFA under Windows 2012?
Because our environment is under PCI-DSS cert, PCI-DSS 3.2 has new
requirement forcing MFA on non-console access to servers. That's why we
look for FreeIPA.
Thanks your info. So it means we cannot use FreeIPA server if we require MFA
under Windows 2012?
Because our environment is under PCI-DSS cert, PCI-DSS 3.2 has new requirement
forcing MFA on non-console access to servers. That's why we look for FreeIPA.
-Original Message-
From:
I have attached the syslog with gdm debug mode enabled
On 11-May-17 1:54 PM, Sumit Bose wrote:
> On Thu, May 11, 2017 at 01:29:33PM +0200, tuxderlinuxfuch...@gmail.com wrote:
>> Hello,
>>
>> I have attached the requested files.
> The logs indicate that access was granted by SSSD and that gdm
Odd, must have clicked reply instead of reply-all.
Anyway, I did the revert and re-install. Actual install went through fine
then the "ipa-server-install" ran until this:
[8/9]: restoring configuration
[9/9]: starting directory server
Done.
Restarting the directory server
Restarting the KDC
Hi,
After an upgrade to Centos 7.3.1611 with “yum update", we started seeing the
following messages in the logs:
“””
May 9 21:58:28 inf01 ns-slapd[4323]: [09/May/2017:21:58:28.519724479 +]
NSMMReplicationPlugin - changelog program -
I got my answer. I did not have to restart any services. I ran the
domainlevel-set command on the master and it propagated to all cluster
nodes. I verified this by running domainlevel-get on each server and they
all showed 1.
*Mike Plemmons | Senior DevOps Engineer | CROSSCHX*
614.427.2411
Please keep freeipa-users in CC
Snapshot is always better, so I suggest to use it. Otherwise there is an
option --ignore-last-of-role to unblock uninstallation.
Martin
On 11.05.2017 16:00, Robert L. Harris wrote:
Looks like you hit it, apache didn't have a group:
-- Logs begin at Wed
On Thu, May 11, 2017 at 01:07:25PM +, Berkouwer, Walter wrote:
> Hello
>
> I am trying to setup an IPA configuration at an remote site. I got the
> ssh-connection working with a 6.6 client ( ipa-client version 3.0.0), but I
> can't get it working with a 7.3 client ( ipa-client version 4.4.0
Hello
I am trying to setup an IPA configuration at an remote site. I got the
ssh-connection working with a 6.6 client ( ipa-client version 3.0.0), but I
can't get it working with a 7.3 client ( ipa-client version 4.4.0 ).
Version of the server is 4.4.0.
Can some help me with this problem.
Thank you for the reply. Is there a specific order I should perform the DL
upgrade? Should I upgrade the master first then the replicas? Does the
IPA service need to be restarted after the DL upgrade?
*Mike Plemmons | Senior DevOps Engineer | CROSSCHX*
614.427.2411
On Thu, May 11, 2017 at 01:29:33PM +0200, tuxderlinuxfuch...@gmail.com wrote:
> Hello,
>
> I have attached the requested files.
The logs indicate that access was granted by SSSD and that gdm even
called pam_open_session.
Did gdm login worked with the 'allow all' rule? Are there any other
hints
Hello,
comments inline
On 11.05.2017 06:06, Robert L. Harris wrote:
Sigh... Sorry, it's been a long day, I thought I put that log in the
first pastebin. It's in this one: https://pastebin.com/18PAXXNS
Could you please provide journalctl -u httpd and /var/log/httpd/error_log ?
Also,
On 10.05.2017 22:42, Michael Plemmons wrote:
I am currently running 4.4.0 on a three node cluster. My domain level
is currently 0 on all three nodes. Is there a reason to keep the
domain level at 0? I do not plan on adding any older versions of IPA
into the cluster. Is there anything I
On 10.05.2017 18:38, Jason Sherrill wrote:
Hello,
I've recently implemented freeIPA in a mixed environment of Mac OS
10.12 and Windows 10 with limited issues!
One issue is that updating the reverse zone via nsupdate works without
issue, updating to the forward zone results in a REFUSED
On to, 11 touko 2017, Felix Chu wrote:
Hi , I would like to implement SSO for my Linux+Windows2012 machines
with MFA.
I have installed FreeIPA, it works well for my Linux client
authentication with OTP enabled. However, for Windows client, I can
only make it works with FreeIPA without OTP.
Hi , I would like to implement SSO for my Linux+Windows2012 machines with MFA.
I have installed FreeIPA, it works well for my Linux client authentication
with OTP enabled. However, for Windows client, I can only make it works with
FreeIPA without OTP.
The Windows machines are 2012 R2 without
16 matches
Mail list logo