On 08/12/2014 05:26 PM, Chris Whittle wrote:
Thanks Martin!


Thank you for the contribution!
Really appreciated.



On Tue, Aug 12, 2014 at 9:50 AM, Martin Kosek <mko...@redhat.com <mailto:mko...@redhat.com>> wrote:

    Thank you! I liked this page to
    http://www.freeipa.org/page/HowTos#Authentication
    and also improved formatting of the page. I am not sure about the
    "role"
    section though, we do not use "role" objectclass, so Okta's search
    probably
    returns no results anyway. It may be better to keep that blank IMO.

    Martin

    On 08/12/2014 03:46 PM, Chris Whittle wrote:
    > http://www.freeipa.org/page/HowTo/Integrate_With_Okta
    >
    >
    > On Sat, Aug 9, 2014 at 11:31 PM, Dmitri Pal <d...@redhat.com
    <mailto:d...@redhat.com>> wrote:
    >
    >>  On 08/08/2014 04:26 PM, Chris Whittle wrote:
    >>
    >> Hey Dimitri, What do you mean?  Both of them gave me the same
    answer and
    >> it worked.
    >>
    >>
    >> Right, now you have the knowledge which is burred in a mail
    thread and
    >> would be hard to find for others that might want to follow your
    steps.
    >> I was hoping you would find some time to summarize your setup and
    >> experience and share with others via a HOWTO page on the
    FreeIPA site [1].
    >>
    >> [1] http://www.freeipa.org/page/HowTos
    >>
    >> Thanks
    >> Dmitri
    >>
    >>
    >>  On Aug 8, 2014 3:25 PM, "Dmitri Pal" <d...@redhat.com
    <mailto:d...@redhat.com>> wrote:
    >>
    >>>  On 08/07/2014 02:21 PM, Chris Whittle wrote:
    >>>
    >>> Thanks guys that works!
    >>>
    >>>
    >>>
    >>> And what about HOWTO? ;-)
    >>>
    >>>
    >>>
    >>>
    >>> On Thu, Aug 7, 2014 at 12:22 PM, Lucas Yamanishi
    <lyamani...@sesda3.com <mailto:lyamani...@sesda3.com>>
    >>> wrote:
    >>>
    >>>>   On 08/07/2014 12:18 PM, Chris Whittle wrote:
    >>>>
    >>>> I'm currently working on a trial with OKTA and have installed
    their
    >>>> server agent with no issues.  Now I'm trying to map FreeIPA
    attributes with
    >>>> OKTA's
    >>>>
    >>>>  I'm getting no entries found, which leads me to think I'm
    missing
    >>>> something
    >>>> [image: Inline image 1]
    >>>>  [image: Inline image 2]
    >>>>  [image: Inline image 3]
    >>>>  Thanks!
    >>>>
    >>>>
    >>>>   The objectClass values look incorrect. Try posixAccount and
    posixGroup
    >>>> for users and groups. Roles are groupOfNames, but that’s a
    little less
    >>>> specific and will match non-role entries without a search base.
    >>>>
    >>>> You can easily look up raw entries to check your mappings
    with commands
    >>>> like these (the —all and —raw options are available for all
    *-show
    >>>> commands, afaik):
    >>>>
    >>>> ipa user-show --all --raw $USER_NAME
    >>>> ipa group-show --all  --raw $GROUP
    >>>> ipa role-show --all --raw $ROLE
    >>>>
    >>>> Or pure ldaputils:
    >>>>
    >>>>  ldapsearch -LLL -YGSSAPI -b
    'cn=users,cn=accounts,dc=example,dc=com' 'uid=$USER_NAME'
    >>>>
    >>>> ​
    >>>>
    >>>> --
    >>>> -----
    >>>> *question everything*learn something*answer nothing*
    >>>> ------------
    >>>> Lucas Yamanishi
    >>>> ------------------
    >>>> Systems Administrator, ADNET Systems, Inc.
    >>>> NASA Space and Earth Science Data Analysis (606.9)
    >>>> 7515 Mission Drive, Suite A100
    >>>> Lanham, MD 20706 * 301-352-4646 * 0xD354B2CB
    >>>>
    >>>>
    >>>> --
    >>>> Manage your subscription for the Freeipa-users mailing list:
    >>>> https://www.redhat.com/mailman/listinfo/freeipa-users
    >>>> Go To http://freeipa.org for more info on the project
    >>>>
    >>>
    >>>
    >>>
    >>>
    >>>
    >>> --
    >>> Thank you,
    >>> Dmitri Pal
    >>>
    >>> Sr. Engineering Manager IdM portfolio
    >>> Red Hat, Inc.
    >>>
    >>>
    >>> --
    >>> Manage your subscription for the Freeipa-users mailing list:
    >>> https://www.redhat.com/mailman/listinfo/freeipa-users
    >>> Go To http://freeipa.org for more info on the project
    >>>
    >>
    >>
    >> --
    >> Thank you,
    >> Dmitri Pal
    >>
    >> Sr. Engineering Manager IdM portfolio
    >> Red Hat, Inc.
    >>
    >>
    >
    >
    >




--
Thank you,
Dmitri Pal

Sr. Engineering Manager IdM portfolio
Red Hat, Inc.

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Reply via email to