Hi,
I'm trying to install on CentOS 6.5 (ipa-server-3.0.0-37.el6.x86_64) and an
external CA. I'm getting this error:
Command '/usr/bin/sslget -v -n ipa-ca-agent -p -d /tmp/tmp-jNYt3P -r
/ca/agent/ca/profileReview?requestId=6 auth.lan:9443' returned non-zero exit
status 4
I found a thr
Correction from my email, the condition that sets if a 389DS user is
proxied to pam_krb5 is the "pamFilter", sorry.
On Wed, Mar 5, 2014 at 5:22 PM, Trey Dockendorf wrote:
> On Mon, Mar 3, 2014 at 7:29 PM, Dmitri Pal wrote:
>> On 03/03/2014 07:47 PM, Simo Sorce wrote:
>>>
>>> On Mon, 2014-03-03 a
On Mon, Mar 3, 2014 at 7:29 PM, Dmitri Pal wrote:
> On 03/03/2014 07:47 PM, Simo Sorce wrote:
>>
>> On Mon, 2014-03-03 at 18:42 -0600, Trey Dockendorf wrote:
>>>
>>> Is it possible with FreeIPA to use an external KDC or pass some or all
>>> authentication to an external KDC? The KDC at our Univer
On 03/04/2014 03:22 PM, Innes, Duncan wrote:
Hi,
I'm testing an upgrade of my prod IPA servers in a dev cluster at the
moment. Finally completed the upgrade, so I tested some user adds via
the WebUI.
Added user "aardvark" on ipa01 - replicated to ipa02
Added user "beaver" on ipa02 - NOT repl
Thanks you sir!
Shaun McAdams
National Government Services
Health IT : CPI-Predictive Modeling
(o) - 317.595.4905 / x2004905
(c) - 317.430.9845
-Original Message-
From: Alexander Bokovoy [mailto:aboko...@redhat.com]
Sent: Wednesday, March 05, 2014 10:15 AM
To: Mcadams, Shaun
Cc: freeip
Dmitri Pal wrote:
On 03/03/2014 08:50 AM, Lager, Nathan T. wrote:
Today i found that i was unable to authenticate to FreeIPA.
I logged into my IPA master, and found that the cert had expired.
Which has never been a problem in the past.
I did some googling, and found a few others with similar p
On Wed, 05 Mar 2014, Mcadams, Shaun wrote:
We use ipa on our red hat boxes and have recently installed a SAS
suite/servers for a contract. Their users are a mix of
internal/external associates. Integrating with this ipa was
straight-forward. Their application is able to use pam, but their
logo
We use ipa on our red hat boxes and have recently installed a SAS suite/servers
for a contract. Their users are a mix of internal/external associates.
Integrating with this ipa was straight-forward. Their application is able to
use pam, but their logon manager is limited as it does not suppor
On 03/05/2014 04:56 AM, Innes, Duncan wrote:
I didn't record the time that the "beaver" user was added to ipa2, but
the logs after the upgrade & reboot are:
ipa01
=
[04/Mar/2014:19:16:05 +] slapd_ldap_sasl_interactive_bind - Error:
could not perform interactive bind for id [] mech [GSSA
On Wed, Mar 05, 2014 at 07:42:36AM -0500, Josh wrote:
> I'm trying to use selinuxusermap to configure the SELinux role that
> users are assigned when they logged in to systems. I have a
> question of what algorithm is used to determine which rule wins when
> multiple match.
>
> My current setup i
I'm trying to use selinuxusermap to configure the SELinux role that
users are assigned when they logged in to systems. I have a question of
what algorithm is used to determine which rule wins when multiple match.
My current setup is:
ipa selinuxusermap-add staff_u --selinuxuser=staff_u:s0-s0
I didn't record the time that the "beaver" user was added to ipa2, but
the logs after the upgrade & reboot are:
ipa01
=
[04/Mar/2014:19:16:05 +] slapd_ldap_sasl_interactive_bind - Error:
could not perform interactive bind for id [] mech [GSSAPI]: LDAP error
-1 (Can't contact LDAP server)
Sorry - the upgrade was actually from RHEL 6.3 to RHEL 6.5.
ipa went from
ipa-server-2.2.0-16.el6.x86_64
to
ipa-server-3.0.0-37.el6.x86_64
Cheers
Duncan
From: freeipa-users-boun...@redhat.com
[mailto:freeipa-users-boun...@redhat.com] On Behalf
13 matches
Mail list logo