Hey Alexander, I have tried installing a new IPA server with my expected ranges on my new site and its working fine.Thanks for the document.
I have observed a couple of errors. POSIX ID's 4248,4141,4121,4258..etc. all are my infra group id's. [30/Nov/2023:05:17:36.931522914 -0500] - ERR - sidgen_task_thread - [file ipa_sidgen_task.c, line 194]: Sidgen task starts ... [30/Nov/2023:05:17:36.933841900 -0500] - ERR - sidgen_task_thread - [file ipa_sidgen_task.c, line 199]: Sidgen task finished [0]. [30/Nov/2023:05:17:41.443256202 -0500] - ERR - schema-compat-plugin - warning: no entries set up under ou=sudoers,dc=alpha-grep,dc=com [30/Nov/2023:05:17:41.449472986 -0500] - ERR - schema-compat-plugin - warning: no entries set up under cn=ng, cn=compat,dc=alpha-grep,dc=com [30/Nov/2023:05:17:41.456705946 -0500] - ERR - schema-compat-plugin - warning: no entries set up under cn=computers, cn=compat,dc=alpha-grep,dc=com [30/Nov/2023:05:17:41.457666134 -0500] - ERR - schema-compat-plugin - Finished plugin initialization. [30/Nov/2023:05:27:02.337803787 -0500] - ERR - find_sid_for_ldap_entry - [file ipa_sidgen_common.c, line 521]: Cannot convert Posix ID [4141] into an unused SID. [30/Nov/2023:05:27:02.338927487 -0500] - ERR - ipa_sidgen_add_post_op - [file ipa_sidgen.c, line 149]: Cannot add SID to new entry. [30/Nov/2023:06:03:06.173948392 -0500] - ERR - find_sid_for_ldap_entry - [file ipa_sidgen_common.c, line 521]: Cannot convert Posix ID [4121] into an unused SID. [30/Nov/2023:06:03:06.174922473 -0500] - ERR - ipa_sidgen_add_post_op - [file ipa_sidgen.c, line 149]: Cannot add SID to new entry. [30/Nov/2023:06:22:36.616707461 -0500] - ERR - rid_to_sid_with_check - [file ipa_sidgen_common.c, line 384]: SID [S-1-5-21-3258431096-680571367-3483437258-16054] is already used. [30/Nov/2023:06:24:53.185373410 -0500] - ERR - find_sid_for_ldap_entry - [file ipa_sidgen_common.c, line 521]: Cannot convert Posix ID [4258] into an unused SID. [30/Nov/2023:06:24:53.186107898 -0500] - ERR - ipa_sidgen_add_post_op - [file ipa_sidgen.c, line 149]: Cannot add SID to new entry. [30/Nov/2023:07:07:48.738323141 -0500] - ERR - find_sid_for_ldap_entry - [file ipa_sidgen_common.c, line 521]: Cannot convert Posix ID [4249] into an unused SID. [30/Nov/2023:07:07:48.739492958 -0500] - ERR - ipa_sidgen_add_post_op - [file ipa_sidgen.c, line 149]: Cannot add SID to new entry. [30/Nov/2023:08:10:33.205867886 -0500] - ERR - find_sid_for_ldap_entry - [file ipa_sidgen_common.c, line 521]: Cannot convert Posix ID [4249] into an unused SID. [30/Nov/2023:08:10:33.206759596 -0500] - ERR - ipa_sidgen_add_post_op - [file ipa_sidgen.c, line 149]: Cannot add SID to new entry. [30/Nov/2023:08:33:53.787156179 -0500] - ERR - find_sid_for_ldap_entry - [file ipa_sidgen_common.c, line 521]: Cannot convert Posix ID [4249] into an unused SID. [30/Nov/2023:08:33:53.788186638 -0500] - ERR - ipa_sidgen_add_post_op - [file ipa_sidgen.c, line 149]: Cannot add SID to new entry. [root@ipa- ~]# [root@ipa-~]# ipa user-show test --all --raw dn: uid=test,cn=users,cn=accounts,dc=$REAL uid: test givenname: test sn: test cn: test initials: TE homedirectory: /home/test gecos: Test loginshell: /bin/bash krbcanonicalname: test@$REALM.COM krbprincipalname: kpradeep@$REALM.COM uidnumber: 5708 gidnumber: 4141 sshpubkeyfp: nsaccountlock: FALSE has_password: TRUE has_keytab: TRUE displayName: Test ipaNTSecurityIdentifier: S-1-5-21-3258431096-680571367-3483437258-1708 ipaSshPubKey: <key> ipaUniqueID: <id> krbExtraData: <data> krbLastAdminUnlock: 20231130174441Z krbLastPwdChange: 20231130174540Z krbLoginFailedCount: 0 krbPasswordExpiration: 20240228174540Z krbTicketFlags: 128 memberof: cn=admin,cn=groups,cn=accounts,dc=$real memberof: cn=ipausers,cn=groups,cn=accounts,dc=$real memberofindirect: ipaUniqueID=8c81c2c6-8f6b-11ee-b685-a68c8b95f346,cn=sudorules,cn=sudo,dc=$real mepManagedEntry: cn=test,cn=groups,cn=accounts,dc=$real objectClass: top objectClass: person objectClass: organizationalperson objectClass: inetorgperson objectClass: inetuser objectClass: posixaccount objectClass: krbprincipalaux objectClass: krbticketpolicyaux objectClass: ipaobject objectClass: ipasshuser objectClass: ipaSshGroupOfPubKeys objectClass: mepOriginEntry objectClass: ipantuserattrs [root@ipa- ~]# ipa idrange-find --all --raw ---------------- 2 ranges matched ---------------- dn: cn=$REALM_id_range,cn=ranges,cn=etc,dc=$real cn: $REALM_id_range ipabaseid: 5000 ipaidrangesize: 1995001 ipabaserid: 1000 ipasecondarybaserid: 100000000 iparangetype: ipa-local objectclass: top objectclass: ipaIDrange objectclass: ipaDomainIDRange dn: cn=$REALM_subid_range,cn=ranges,cn=etc,dc=$realm cn: $REALM_subid_range ipabaseid: 2147483648 ipaidrangesize: 2147352576 ipabaserid: 2145488647 ipanttrusteddomainsid: S-1-5-21-738065-838566-1448868364 iparangetype: ipa-ad-trust objectclass: top objectclass: ipaIDrange objectclass: ipaTrustedADDomainRange ---------------------------- Number of entries returned 2 ---------------------------- [root@ipa ~]# On Tue, Nov 28, 2023 at 4:58 PM Pradeep KNS <[email protected]> wrote: > Thanks a lot and I will Go through it. > > On Tue, Nov 28, 2023 at 4:56 PM Alexander Bokovoy <[email protected]> > wrote: > >> On Аўт, 28 ліс 2023, Pradeep KNS wrote: >> >ok but in my case i don't use AD,Windows authentication or replica etc, >> >just the centralised authentication system all are redhat os installed >> >servers. >> >In this case also i need to create a base RID? >> >> Yes. You keep ignoring my references to previous discussions. >> >> You will not get it working without proper SIDs because we require PAC >> presence to protect against Kerberos impersonation. This is not a >> theoretical probability anymore since November 2022 Microsoft security >> updates. The same attacks apply to all Kerberos environments and current >> way of protecting against them is to utilize MS-PAC buffers with >> appropriate signatures and checksums. PAC buffers require use of SIDs to >> address objects and that is what we enforce now. >> >> If you still want to know details, I'd suggest to watch at least the two >> talks we gave at SambaXP past few years: >> >> - "Kerberos" by Andrew Bartlett >> >> https://sambaxp.org/fileadmin/user_upload/sambaxp2022-Slides/Bartlett-Kerberos.pdf >> >> - Samba AD / MIT Kerberos: path out of experimental by me and Andreas >> >> https://sambaxp.org/fileadmin/user_upload/sambaxp2023-Slides/Bokovoy_Schneider_sXP23_SambaAD_Kerberos.pdf >> https://youtu.be/0_cdYuIYw0o >> >> While these talk about Samba AD, the changes went to both Samba and >> FreeIPA, as well as MIT Kerberos (and Microsoft's Active Directory too). >> >> So, look at the KCS I gave, understand how to add RID bases to your new >> ID range and fix your problem through that. >> >> > >> >On Tue, Nov 28, 2023 at 4:30 PM Alexander Bokovoy <[email protected]> >> >wrote: >> > >> >> On Аўт, 28 ліс 2023, Pradeep KNS wrote: >> >> >Alexander, >> >> > >> >> >Thanks for that document.Bit of that i did it but it dint worked looks >> >> like >> >> >i might followed some wrong steps. >> >> > >> >> >My default id range mentioned below >> >> >ipa idrange-find --all --raw >> >> >---------------- >> >> >2 ranges matched >> >> >---------------- >> >> > dn: cn=REALM_id_range,cn=ranges,cn=etc,dc=$SUFFIX >> >> > cn: REALM_id_range >> >> > ipabaseid: 771000000 >> >> > ipaidrangesize: 200000 >> >> > ipabaserid: 1000 >> >> > ipasecondarybaserid: 100000000 >> >> > iparangetype: ipa-local >> >> > objectclass: top >> >> > objectclass: ipaIDrange >> >> > objectclass: ipaDomainIDRange >> >> > >> >> > dn: cn=REALM_subid_range,cn=ranges,cn=etc,dc=SUFFIX >> >> > cn: REALM_subid_range >> >> > ipabaseid: 2147483648 >> >> > ipaidrangesize: 2147352576 >> >> > ipabaserid: 2147283648 >> >> > ipanttrusteddomainsid: S-1-5-21-738065-838566-1448868364 >> >> > iparangetype: ipa-ad-trust >> >> > objectclass: top >> >> > objectclass: ipaIDrange >> >> > objectclass: ipaTrustedADDomainRange >> >> > >> >> >################################## >> >> >Manually created ID range >> >> > >> >> >[root@ipa-mum1 ~]# ipa idrange-find --all --raw >> >> >---------------- >> >> >3 ranges matched >> >> >---------------- >> >> > dn: cn=REALM_id_new_range,cn=ranges,cn=etc,dc=SUFFIX >> >> > cn: REALM_id_new_range >> >> > ipabaseid: 1000 >> >> > ipaidrangesize: 200000 >> >> > iparangetype: ipa-local >> >> > objectclass: ipaIDrange >> >> > objectclass: ipadomainidrange >> >> >> >> You created a new ID range but this range has no RID bases. Therefore, >> >> the range cannot be used for SID assignment. >> >> >> >> The KCS article has a section about RID bases and how to choose them, >> >> please follow that. >> >> >> >> > >> >> >Then i created the user name called test user post it dint created >> >> expected >> >> >user attribute >> >> > >> >> >root@ipa~]#ipa user-add testuser --first=Test --last=User -uid=5189 >> >> >--gidnumber=4141 --password >> >> >root@ipa ~]# ipa user-show testuser --all >> >> > dn: uid=testuser,cn=users,cn=accounts,dc=real >> >> > User login: testuser >> >> > First name: Test >> >> > Last name: User >> >> > Full name: Test User >> >> > Display name: Testuser >> >> > Initials: TU >> >> > Home directory: /home/testuser >> >> > GECOS: Test User >> >> > Login shell: /bin/bash >> >> > Principal name: [email protected] >> >> > Principal alias: [email protected] >> >> > User password expiration: 20231124144147Z >> >> > UID: 5189 >> >> > GID: 4141 >> >> > Account disabled: False >> >> > Preserved user: False >> >> > Password: True >> >> > Member of groups: ipausers >> >> > Kerberos keys available: True >> >> > ipauniqueid: 88e7da44-8ad7-11ee-b06e-a68c8b95f346 >> >> > krbextradata: AAIrtmBlcm9vdC9hZG1pbkBBTFBIQS1HUkVQLkNPTQA= >> >> > krblastadminunlock: 20231124144147Z >> >> > krblastpwdchange: 20231124144147Z >> >> > krbloginfailedcount: 0 >> >> > mepmanagedentry: cn=testuser,cn=groups,cn=accounts,dc=example,dc=com >> >> > objectclass: top, person, organizationalperson, inetorgperson, >> inetuser, >> >> >posixaccount, krbprincipalaux, krbticketpolicyaux, ipaobject, >> ipasshuser, >> >> >ipaSshGroupOfPubKeys, mepOriginEntry >> >> > >> >> >The above method followed but after creating another id range >> manually, I >> >> >don't know where I missed post creation of ranges, for somehow it >> didn't >> >> >work. That's why I followed that generic method creating users and >> >> >modifying it manually. >> >> >PLease suggest me. >> >> > >> >> >On Tue, Nov 28, 2023 at 2:56 PM Pradeep KNS < >> [email protected]> >> >> >wrote: >> >> > >> >> >> Thanks will go through it. >> >> >> >> >> >> On Tue, Nov 28, 2023 at 2:54 PM Alexander Bokovoy < >> [email protected]> >> >> >> wrote: >> >> >> >> >> >>> On Аўт, 28 ліс 2023, Pradeep KNS wrote: >> >> >>> >Could you please help me with those threads here to regenerate >> sid’s. >> >> >>> >> >> >>> https://access.redhat.com/articles/7027037 >> >> >>> >> >> >>> > >> >> >>> > >> >> >>> >On Tue, 28 Nov 2023 at 2:27 PM, Alexander Bokovoy < >> >> [email protected]> >> >> >>> >wrote: >> >> >>> > >> >> >>> >> On Аўт, 28 ліс 2023, Pradeep KNS wrote: >> >> >>> >> >Yeah, >> >> >>> >> >But my default id range starts with 770000 but all my existing >> >> >>> >> >infrastructure uid's are within 4 digits like 4147,8921,9756 >> like >> >> >>> this. >> >> >>> >> >Here I am facing an issue. >> >> >>> >> > >> >> >>> >> >That's why I am creating users with default id range and then >> >> later I >> >> >>> am >> >> >>> >> >modifying it via uid's as per my infrastructure then >> ipantuserattrs >> >> >>> >> created >> >> >>> >> >and I am able to authenticate with password. >> >> >>> >> >> >> >>> >> This is wrong. >> >> >>> >> >> >> >>> >> > >> >> >>> >> >Can you suggest to me that with this setup i can easily handle >> >> >>> 350Users >> >> >>> >> for >> >> >>> >> >around 400 servers across different different locations with >> cache >> >> of >> >> >>> >> >storing on ipa clients. >> >> >>> >> >> >> >>> >> As I already said in other threads, create additional ID range >> that >> >> >>> >> covers your 4-digit IDs, then re-run SID generation to make sure >> >> those >> >> >>> >> users get proper SIDs. >> >> >>> >> >> >> >>> >> This is covered in the KCS. >> >> >>> >> >> >> >>> >> > >> >> >>> >> >On Tue, Nov 28, 2023 at 2:00 PM Alexander Bokovoy < >> >> >>> [email protected]> >> >> >>> >> >wrote: >> >> >>> >> > >> >> >>> >> >> Please don't drop mailing list. >> >> >>> >> >> >> >> >>> >> >> On Аўт, 28 ліс 2023, Pradeep KNS wrote: >> >> >>> >> >> >Hey Alexander, >> >> >>> >> >> > >> >> >>> >> >> >Thanks For the Reply. >> >> >>> >> >> > >> >> >>> >> >> >But in my case i have fixed it by recreating the user on >> Ipa web >> >> >>> UI and >> >> >>> >> >> >observing ipantuserattrs created password logins are working >> >> fine. >> >> >>> >> >> > >> >> >>> >> >> >But do I face any issues if I try to modify the base id >> range >> >> >>> >> manually? as >> >> >>> >> >> >per redhat docs which is not recommended to modify. >> >> >>> >> >> >> >> >>> >> >> If you have re-created your user and that new one works, it >> means >> >> >>> >> >> underlying infrastructure works properly. Older user entries >> need >> >> >>> to be >> >> >>> >> >> fixed. Preferrably through a new ID range, if those entries >> use >> >> IDs >> >> >>> >> >> which are outside of the main ID range. >> >> >>> >> >> >> >> >>> >> >> > >> >> >>> >> >> >Also on ipa 4.11 they support dedicated ssh key based >> >> >>> >> >> >authentication.Ofcourse now also its working. >> >> >>> >> >> > >> >> >>> >> >> >My setup is that I have internal dns which is handled by a >> >> puppet >> >> >>> and >> >> >>> >> >> >slowly will move it to a dedicated internal dns server so >> that's >> >> >>> why i >> >> >>> >> >> >opted for ipa installation without dns. >> >> >>> >> >> > >> >> >>> >> >> >On Tue, Nov 28, 2023 at 1:06 PM Alexander Bokovoy < >> >> >>> [email protected] >> >> >>> >> > >> >> >>> >> >> >wrote: >> >> >>> >> >> > >> >> >>> >> >> >> On Пан, 27 ліс 2023, Pradeep KNS via FreeIPA-users wrote: >> >> >>> >> >> >> >Hi Rob, >> >> >>> >> >> >> >Thank you for your email. I've identified the issue. >> >> >>> >> >> >> >When attempting to create a user using the 'ipa user-add' >> >> >>> command >> >> >>> >> and >> >> >>> >> >> >> >defining the UID and GID according to my specifications, >> the >> >> UID >> >> >>> >> falls >> >> >>> >> >> >> >within the 4-digit range, for instance, 4141. The >> >> >>> >> >> >> >IPA IDs range during installation was set to 770000. >> Users >> >> >>> created >> >> >>> >> >> within >> >> >>> >> >> >> >this range are accepted with their passwords. However, >> users >> >> >>> created >> >> >>> >> >> with >> >> >>> >> >> >> >UIDs like 4141 or 4142 encounter issues. >> >> >>> >> >> >> > >> >> >>> >> >> >> >Looks like attributes, were not creating >> >> >>> >> >> >> > >> >> >>> >> >> >> >objectclass: top, person, organizationalperson, >> >> inetorgperson, >> >> >>> >> >> inetuser, >> >> >>> >> >> >> >posixaccount, krbprincipalaux, krbticketpolicyaux, >> ipaobject, >> >> >>> >> >> ipasshuser, >> >> >>> >> >> >> >ipaSshGroupOfPubKeys, mepOriginEntry, ipantuserattrs >> >> >>> >> >> >> > >> >> >>> >> >> >> >If i mention uid and gid using ipa user-add command >> >> >>> >> >> >> >ipantuserattrs is not getting create. >> >> >>> >> >> >> > >> >> >>> >> >> >> >I tried to modify default range but it dint happened. >> >> >>> >> >> >> >> >> >>> >> >> >> See my answers in a parallel thread 'kinit fails on >> freeipa >> >> >>> master: >> >> >>> >> File >> >> >>> >> >> >> or directory not found'. >> >> >>> >> >> >> >> >> >>> >> >> >> > >> >> >>> >> >> >> > >> >> >>> >> >> >> > >> >> >>> >> >> >> >On Mon, 27 Nov 2023 at 9:41 PM, Rob Crittenden < >> >> >>> [email protected] >> >> >>> >> > >> >> >>> >> >> >> wrote: >> >> >>> >> >> >> > >> >> >>> >> >> >> >> Pradeep KNS wrote: >> >> >>> >> >> >> >> > Hi, >> >> >>> >> >> >> >> > I have installed an ipa with internal dns.After >> >> installing >> >> >>> >> updated >> >> >>> >> >> >> >> > entries on dns as well. >> >> >>> >> >> >> >> > >> >> >>> >> >> >> >> > My main criteria is to communicate with ipa clients >> with >> >> ssh >> >> >>> >> >> keybased >> >> >>> >> >> >> >> > authentication which is working fine. >> >> >>> >> >> >> >> > >> >> >>> >> >> >> >> > Today i tot of i want to test with password based >> >> >>> authentication >> >> >>> >> >> which >> >> >>> >> >> >> >> > is not happening.I dont know where i am missing >> >> >>> >> >> >> >> > >> >> >>> >> >> >> >> > >> >> >>> >> >> >> >> > [[email protected] <mailto:[email protected]>]# ipa >> >> --version >> >> >>> >> >> >> >> > VERSION: 4.10.1, API_VERSION: 2.251 >> >> >>> >> >> >> >> > [[email protected] <mailto:[email protected]>]# >> >> >>> >> >> >> >> > >> >> >>> >> >> >> >> > ********************** PREVIOUS MESSAGE WAS >> TRIGGERED BY >> >> THE >> >> >>> >> >> FOLLOWING >> >> >>> >> >> >> >> > BACKTRACE: >> >> >>> >> >> >> >> > * (2023-11-23 19:33:16): [krb5_child[11588]] >> >> >>> [tgt_req_child] >> >> >>> >> >> >> >> > (0x1000): [RID#15] Password was expired >> >> >>> >> >> >> >> >> >> >>> >> >> >> >> The user's password is expired. >> >> >>> >> >> >> >> >> >> >>> >> >> >> >> IPA intends that only the end-user knows their >> password. So >> >> >>> if it >> >> >>> >> is >> >> >>> >> >> set >> >> >>> >> >> >> >> or reset by an administrator the user will need to >> change >> >> it. >> >> >>> >> >> >> >> >> >> >>> >> >> >> >> Is the user not prompted to reset it? >> >> >>> >> >> >> >> >> >> >>> >> >> >> >> rob >> >> >>> >> >> >> >> >> >> >>> >> >> >> >> > * (2023-11-23 19:33:16): [krb5_child[11588]] >> >> >>> >> >> [sss_krb5_responder] >> >> >>> >> >> >> >> > (0x4000): [RID#15] Got question [password]. >> >> >>> >> >> >> >> > * (2023-11-23 19:33:16): [krb5_child[11588]] >> >> >>> >> [map_krb5_error] >> >> >>> >> >> >> >> > (0x0020): [RID#15] 2138: [-1765328324][Generic error >> (see >> >> >>> >> e-text)] >> >> >>> >> >> >> >> > ********************** BACKTRACE DUMP ENDS HERE >> >> >>> >> >> >> >> > ********************************* >> >> >>> >> >> >> >> > >> >> >>> >> >> >> >> > ssh log >> >> >>> >> >> >> >> > >> >> >>> >> >> >> >> > Nov 23 19:33:16 test-example.com < >> >> http://test-example.com> >> >> >>> >> >> >> sshd[11586]: >> >> >>> >> >> >> >> > pam_sss(sshd:auth): authentication failure; logname= >> >> uid=0 >> >> >>> >> euid=0 >> >> >>> >> >> >> >> > tty=ssh ruser= rhost=10.10.1.1 user=harsh >> >> >>> >> >> >> >> > Nov 23 19:33:16 test-example.com < >> >> http://test-example.com> >> >> >>> >> >> >> sshd[11586]: >> >> >>> >> >> >> >> > pam_sss(sshd:auth): received for user harsh: 4 >> (System >> >> >>> error) >> >> >>> >> >> >> >> > Nov 23 19:33:18test-example.com < >> >> http://18test-example.com> >> >> >>> >> >> >> sshd[11584]: >> >> >>> >> >> >> >> > error: PAM: Authentication failure for harsh from >> >> 10.10.1.1 >> >> >>> >> >> >> >> > Nov 23 19:33:20 test-example.com < >> >> http://test-example.com> >> >> >>> >> >> >> sshd[11584]: >> >> >>> >> >> >> >> > Connection closed by authenticating user harsh >> 10.10.1.1 >> >> >>> port >> >> >>> >> 47724 >> >> >>> >> >> >> >> > [preauth] >> >> >>> >> >> >> >> >> >> >>> >> >> >> >> >> >> >>> >> >> >> >> >> >> >>> >> >> >> >> >> >>> >> >> >> >> >> >>> >> >> >> >> >> >>> >> >> >> >> >> >>> >> >> >> -- >> >> >>> >> >> >> / Alexander Bokovoy >> >> >>> >> >> >> Sr. Principal Software Engineer >> >> >>> >> >> >> Security / Identity Management Engineering >> >> >>> >> >> >> Red Hat Limited, Finland >> >> >>> >> >> >> >> >> >>> >> >> >> >> >> >>> >> >> >> >> >>> >> >> >> >> >>> >> >> >> >> >>> >> >> >> >> >>> >> >> -- >> >> >>> >> >> / Alexander Bokovoy >> >> >>> >> >> Sr. Principal Software Engineer >> >> >>> >> >> Security / Identity Management Engineering >> >> >>> >> >> Red Hat Limited, Finland >> >> >>> >> >> >> >> >>> >> >> >> >> >>> >> >> >> >>> >> >> >> >>> >> >> >> >>> >> >> >> >>> >> -- >> >> >>> >> / Alexander Bokovoy >> >> >>> >> Sr. Principal Software Engineer >> >> >>> >> Security / Identity Management Engineering >> >> >>> >> Red Hat Limited, Finland >> >> >>> >> >> >> >>> >> >> >> >>> >> >> >>> >> >> >>> >> >> >>> >> >> >>> -- >> >> >>> / Alexander Bokovoy >> >> >>> Sr. Principal Software Engineer >> >> >>> Security / Identity Management Engineering >> >> >>> Red Hat Limited, Finland >> >> >>> >> >> >>> >> >> >> >> >> >> >> >> >> >> -- >> >> / Alexander Bokovoy >> >> Sr. Principal Software Engineer >> >> Security / Identity Management Engineering >> >> Red Hat Limited, Finland >> >> >> >> >> >> >> >> >> -- >> / Alexander Bokovoy >> Sr. Principal Software Engineer >> Security / Identity Management Engineering >> Red Hat Limited, Finland >> >>
-- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
