Am 03.12.2014 um 14:53 schrieb Alexander Bokovoy:
> On Wed, 03 Dec 2014, Andreas Ladanyi wrote:
>> Hi,
>>
>> iam trying to setup a cross-realm relationship.
>>
>> Generated krbtgt cross-realm principals on both KDCs with the same
>> password and kvno:
>>
>> krbtgt/REALM_B (MIT Kerberos)@REALM_A (Fr
On Sat, Nov 22, 2014 at 02:05:19PM -0800, Michael Lasevich wrote:
> I got some extra log output: seems that FAST IS being used. I am running
> SSSD 1.11.6, which is supposed to have above mentioned issues fixed:
>
> Log:
> =
> (Sat Nov 22 14:55:43 2014) [[sssd[krb5_child[2451
On Thu, 04 Dec 2014, Andreas Ladanyi wrote:
Am 03.12.2014 um 14:53 schrieb Alexander Bokovoy:
On Wed, 03 Dec 2014, Andreas Ladanyi wrote:
Hi,
iam trying to setup a cross-realm relationship.
Generated krbtgt cross-realm principals on both KDCs with the same
password and kvno:
krbtgt/REALM_B (
On 4.12.2014 12:07, Alexander Bokovoy wrote:
> On Thu, 04 Dec 2014, Andreas Ladanyi wrote:
>> Am 03.12.2014 um 14:53 schrieb Alexander Bokovoy:
>>> On Wed, 03 Dec 2014, Andreas Ladanyi wrote:
Hi,
iam trying to setup a cross-realm relationship.
Generated krbtgt cross-realm p
On Thu, 04 Dec 2014, Petr Spacek wrote:
And /var/log/krb5kdc.log on master.f21.test (KDC for F21.TEST) I can
see:
Dec 04 12:41:52 master.f21.test krb5kdc[1131](info): bad realm transit path
from 'ad...@ipa5.test' to 'host/master.f21.t...@f21.test' via ''
Dec 04 12:41:52 master.f21.test krb5kdc[11
On 12/04/2014 08:39 AM, Rich Megginson wrote:
On 12/04/2014 01:45 AM, Petr Spacek wrote:
On 4.12.2014 05:02, Janelle wrote:
Thanks -- still a bit strange that it did not show up on some
servers - vary
random and intermittent.
BTW - a bit of information others might find useful. If you try to
On 12/04/2014 01:45 AM, Petr Spacek wrote:
On 4.12.2014 05:02, Janelle wrote:
Thanks -- still a bit strange that it did not show up on some servers - vary
random and intermittent.
BTW - a bit of information others might find useful. If you try to use the
"LDAP" portion of IPA for authenticatio
On 12/04/2014 09:41 AM, Rich Megginson wrote:
On 12/04/2014 08:39 AM, Rich Megginson wrote:
On 12/04/2014 01:45 AM, Petr Spacek wrote:
On 4.12.2014 05:02, Janelle wrote:
Thanks -- still a bit strange that it did not show up on some
servers - vary
random and intermittent.
BTW - a bit of infor
Dmitri Pal wrote:
> On 12/04/2014 09:41 AM, Rich Megginson wrote:
>> On 12/04/2014 08:39 AM, Rich Megginson wrote:
>>> On 12/04/2014 01:45 AM, Petr Spacek wrote:
On 4.12.2014 05:02, Janelle wrote:
> Thanks -- still a bit strange that it did not show up on some
> servers - vary
> ra
Hi all,
just (pam)auth and nslcd
It was ported from a running OpenLDAP environment to IPA. Just trying
to do conversions in stages so as not to change too much all at once.
Thought I could go from OpenLDAP to IPA and just use the backend of
389ds. Functionally it does work, but the load kill
On Thu, 4 Dec 2014 13:22:01 +0200
Alexander Bokovoy wrote:
> On Thu, 04 Dec 2014, Petr Spacek wrote:
> >> And /var/log/krb5kdc.log on master.f21.test (KDC for F21.TEST) I
> >> can see:
> >> Dec 04 12:41:52 master.f21.test krb5kdc[1131](info): bad realm
> >> transit path from 'ad...@ipa5.test' to
On 4.12.2014 16:58, Simo Sorce wrote:
> On Thu, 4 Dec 2014 13:22:01 +0200
> Alexander Bokovoy wrote:
>
>> On Thu, 04 Dec 2014, Petr Spacek wrote:
And /var/log/krb5kdc.log on master.f21.test (KDC for F21.TEST) I
can see:
Dec 04 12:41:52 master.f21.test krb5kdc[1131](info): bad realm
On Thu, 04 Dec 2014, Petr Spacek wrote:
On 4.12.2014 16:58, Simo Sorce wrote:
On Thu, 4 Dec 2014 13:22:01 +0200
Alexander Bokovoy wrote:
On Thu, 04 Dec 2014, Petr Spacek wrote:
And /var/log/krb5kdc.log on master.f21.test (KDC for F21.TEST) I
can see:
Dec 04 12:41:52 master.f21.test krb5kdc[1
On 12/04/2014 09:56 AM, Janelle wrote:
Hi all,
just (pam)auth and nslcd
It was ported from a running OpenLDAP environment to IPA. Just trying
to do conversions in stages so as not to change too much all at once.
Thought I could go from OpenLDAP to IPA and just use the backend of
389ds. Func
On Thu, 04 Dec 2014, Janelle wrote:
Hi all,
just (pam)auth and nslcd
It was ported from a running OpenLDAP environment to IPA. Just trying
to do conversions in stages so as not to change too much all at once.
Thought I could go from OpenLDAP to IPA and just use the backend of
389ds. Functio
On 12/4/14 8:30 AM, Alexander Bokovoy wrote:
On Thu, 04 Dec 2014, Janelle wrote:
Hi all,
just (pam)auth and nslcd
It was ported from a running OpenLDAP environment to IPA. Just
trying to do conversions in stages so as not to change too much all
at once. Thought I could go from OpenLDAP to I
On 12/04/2014 04:56 PM, Janelle wrote:
Hi all,
just (pam)auth and nslcd
It was ported from a running OpenLDAP environment to IPA. Just trying
to do conversions in stages so as not to change too much all at once.
Thought I could go from OpenLDAP to IPA and just use the backend of
389ds. Fun
On 4.12.2014 17:27, Alexander Bokovoy wrote:
> On Thu, 04 Dec 2014, Petr Spacek wrote:
>> On 4.12.2014 16:58, Simo Sorce wrote:
>>> On Thu, 4 Dec 2014 13:22:01 +0200
>>> Alexander Bokovoy wrote:
>>>
On Thu, 04 Dec 2014, Petr Spacek wrote:
>> And /var/log/krb5kdc.log on master.f21.test (KD
To help understand the environment a bit - perhaps this will help.
1. Approx 7500 clients across 3 datacenters- all manor of *nix, ranging
from AIX, Linux, HP-UX and Solaris - hence the reason why they all
can't use ipa-client configs. Although that is in the plan at least
for Linux syst
On 12/04/2014 11:01 AM, Janelle wrote:
To help understand the environment a bit - perhaps this will help.
1. Approx 7500 clients across 3 datacenters- all manor of *nix,
ranging from AIX, Linux, HP-UX and Solaris - hence the reason why
they all can't use ipa-client configs. Although tha
Hi,
I have a IDM (v3.3) installed on a Redhat7.
I have a IDM realm connected to an AD via trust relationship.
In the IDM realm there are Redhat6 and Redhat5 clients.
My client ask to be able to connect to the Linux machine with their AD without
entering their domain (just username). On Redhat 6
I answer to myself. (but my problem is not resolved)
> - Mail original -
> De: "Nicolas Zin"
> À: freeipa-users@redhat.com
> Envoyé: Jeudi 4 Décembre 2014 18:49:36
> Objet: [Freeipa-users] ad trust and default_domain_suffix
>
> Hi,
>
> I have a IDM (v3.3) installed on a Redhat7.
> I hav
22 matches
Mail list logo