On (24/08/16 11:42), Orion Poplawski wrote:
>While that is definitely *a* convention, it's not the one we've used which
>puts users by default in shared groups (nwra, visitors, etc). For example:
>
>uid=2941(user) gid=1991(nwra)
>
The user "user" should be a member "nwra" group.
If no then you hav
T.J. Yang wrote:
Hi
I was able to try out freeipa-4.4.1 on fedora 24 server by quick dnf
enable at
https://copr.fedorainfracloud.org/coprs/g/freeipa/freeipa-4-4/
But for production, I am hoping to run 4.4.1 on CentOS 7
Where is the doc explaining on this howto for CentOS 7 ?
It hasn't been
Hi
I was able to try out freeipa-4.4.1 on fedora 24 server by quick dnf enable
at
https://copr.fedorainfracloud.org/coprs/g/freeipa/freeipa-4-4/
But for production, I am hoping to run 4.4.1 on CentOS 7
Where is the doc explaining on this howto for CentOS 7 ?
tj
--
T.J. Yang
--
Manage your
In looking at the ID Views functionality in FreeIPA, it looks like I can
accomplish overrides (such as users’ shell in LDAP is /bin/bash, but on a
certain subset of hosts, users get /some/restrictive/shell instead? (Use case
#1: a bastion host or jump box where admins might want to validate that
FWIW - I've filed https://fedorahosted.org/freeipa/ticket/6293 to request the
ability to set the primary group for AD trust users.
On 08/24/2016 11:42 AM, Orion Poplawski wrote:
> While that is definitely *a* convention, it's not the one we've used which
> puts users by default in shared groups (n
Hi All,
My ipa-client-install fails until etc/resolve.conf gets updated with IPA
nameserver entry. I want to avoid a task of updating resolve.conf in my
automation script. Is there a way i can get my IPA client installation
successful without updating resolve.conf? what options do i have?
M
On Fri, 02 Sep 2016, Rob Crittenden wrote:
Alexander Bokovoy wrote:
On Fri, 02 Sep 2016, Mike Driscoll wrote:
Hello. I want to script the new user creation process. I read in
section 9.4 that "any user who has password change rights can change a
password and no password policies are applied,
Alexander Bokovoy wrote:
On Fri, 02 Sep 2016, Mike Driscoll wrote:
Hello. I want to script the new user creation process. I read in
section 9.4 that "any user who has password change rights can change a
password and no password policies are applied, but the other user must
reset the password a
On Fri, 02 Sep 2016, Mike Driscoll wrote:
Hello. I want to script the new user creation process. I read in
section 9.4 that "any user who has password change rights can change a
password and no password policies are applied, but the other user must
reset the password at the next login.” I want
Hello. I want to script the new user creation process. I read in section 9.4
that "any user who has password change rights can change a password and no
password policies are applied, but the other user must reset the password at
the next login.” I want to create an account with this limited c
On 09/01/2016 06:13 AM, Andrey Rogovsky wrote:
> Hi!
> I have 2 servers - ldap1 is FreeIPA (master) and ldap2 is 389 DS (slave).
> One way replication ldap1 -> ldap2 is enabled but scheme is not
> replicated:
What version of 389-ds-base are you using?
rpm -qa | grep 389-ds-base
>
> Log file ldap
Morning Alexander,
>>Failed user:
>> aagrim: missing attribute "sn" required by object class
>> "organizationalPerson"
>> acctemp: missing attribute "sn" required by object class
>>"organizationalPerson"
>> ...
> This looks like a common problem. I had recently made a small 'hack' to
>
On Fri, 02 Sep 2016, Ernedin Zajko wrote:
Hi Alexander,
thank you for this - i think this should even work for missing some
mandatory (gid) attributes...
Yes, this fixup module can be used for anything to inject.
regards,
--- Ernedin ZAJKO
eza...@root.ba
340282366920938463463374607431768
Hi Alexander,
thank you for this - i think this should even work for missing some
mandatory (gid) attributes...
regards,
--- Ernedin ZAJKO
eza...@root.ba
> 340282366920938463463374607431768211456
On Thu, Sep 1, 2016 at 9:26 PM, Alexander Bokovoy wrote:
> On Thu, 01 Sep 2016, William Murii
Hi,
is it possible to transfer the Kerberos Master Key to the new IPA Server?
- rene
On 31.08.2016 10:57, Rene Trippen wrote:
On 25.08.2016 19:44, Rob Crittenden wrote:
Rene Trippen wrote:
Hi,
I`ve got an IPA with a broken CA infrastructure (don`t know what
happened, but new clients cannot
On Fri, Sep 02, 2016 at 09:27:57AM +0200, Lukas Slebodnik wrote:
> On (26/08/16 07:54), Jakub Hrozek wrote:
> >On Thu, Aug 25, 2016 at 10:41:53PM +0200, Lukas Slebodnik wrote:
> >> On (25/08/16 11:30), Troels Hansen wrote:
> >> >Hmm, adding the CentOS SSSD 1.14 copr repo and running yum upgrade,
>
On (26/08/16 07:54), Jakub Hrozek wrote:
>On Thu, Aug 25, 2016 at 10:41:53PM +0200, Lukas Slebodnik wrote:
>> On (25/08/16 11:30), Troels Hansen wrote:
>> >Hmm, adding the CentOS SSSD 1.14 copr repo and running yum upgrade,
>> >getting a version 1.14.1, clean cache DB (complaing about cache being
>
17 matches
Mail list logo