Hello all,
I'd to verify with you if certmonger.service should be enabled by
default after IPA client installation or not. If I remember correctly,
it used to start by on CentOS6, IPA client ~3.0.0, after ipa-client
installation and reboots.
The thing is, for first time usage and subsequent
Hello all,
I've ran into strange issue with IPA/SSSD/SSH/SELinux which started when I
figured out that I cannot ssh with pubkey auth to Fedora 23 (ipa-client) systems
while I can to CentOS 7.2 (ipa-client and ipa-server) systems within same IPA
domain. I will appreciate any help whatsoever.
IPA se
=1348447
Thank you!
Martin
On 6/21/2016 9:43 AM, Sumit Bose wrote:
On Mon, Jun 20, 2016 at 10:46:13PM +0200, Martin Štefany wrote:
Hello all,
I've ran into strange issue with IPA/SSSD/SSH/SELinux which started when I
figured out that I cannot ssh with pubkey auth to Fedora 23 (ipa-client) sy
On 6/21/2016 1:16 PM, Sumit Bose wrote:
On Tue, Jun 21, 2016 at 12:43:23PM +0200, Martin Štefany wrote:
Hello Sumit,
putting SELinux to permissive mode and/or enabling nis_enabled seboolean
seemed not help at all. And you are right, my user has userCertificate
(needed for secure libvirtd
016 5:01 PM, Sumit Bose wrote:
On Tue, Jun 21, 2016 at 01:23:11PM +0200, Martin Štefany wrote:
On 6/21/2016 1:16 PM, Sumit Bose wrote:
On Tue, Jun 21, 2016 at 12:43:23PM +0200, Martin Štefany wrote:
Hello Sumit,
putting SELinux to permissive mode and/or enabling nis_enabled seboolean
seemed not h
On So, 2016-07-16 at 15:37 +0200, Lukas Slebodnik wrote:
> On (16/07/16 10:19), Martin Štefany wrote:
> >
> > Hello Sumit,
> >
> > seems that upgrade to F24 broke things again. This time no AVCs, empty SSSD
> > logs, but same problem: 'Error looking up
On 7/18/2016 9:50 AM, Sumit Bose wrote:
On Sun, Jul 17, 2016 at 11:21:34PM +0200, Martin Štefany wrote:
On So, 2016-07-16 at 15:37 +0200, Lukas Slebodnik wrote:
On (16/07/16 10:19), Martin Štefany wrote:
Hello Sumit,
seems that upgrade to F24 broke things again. This time no AVCs, empty
d:
$ pkexec cockpit-bridge
AUTHENTICATING FOR org.freedesktop.policykit.exec ===
Authentication is needed to run `/usr/bin/cockpit-bridge' as the super
user
Multiple identities can be used for authentication:
1. Martin Štefany (martin)
2. ...
3. ...
Choose identity to authenticate as (1-3): 1
Password:
===
On St, 2015-10-21 at 09:32 +0200, Jakub Hrozek wrote:
> On Tue, Oct 20, 2015 at 11:25:56PM +0200, Martin Štefany wrote:
> > Hello,
> >
> > did anybody manage to get FreeIPA admin user (member of admins
> > group,
> > full sudo access, etc.) to be also
On Ut, 2015-10-27 at 15:48 +0100, Petr Spacek wrote:
> On 20.10.2015 23:25, Martin Štefany wrote:
> > Hello,
> >
> > did anybody manage to get FreeIPA admin user (member of admins
> > group,
> > full sudo access, etc.) to be also Cockpit user with administra
Hello,
I remember experiencing this, but I'm not sure of solution. I think it's
related to apache (httpd) and his group.
My notes for IPA installation on CentOS 7.x say:
# groupadd -g 48 apache
# yum -y install ipa-server bind bind-dyndb-ldap
# usermod -g apache apache
# ipa-server-install...
C
Hi Daryl,
IPA client <-> IPA server are both backward and forward compatible, see:
http://www.freeipa.org/page/Client#Compatibility
Note: except ipa-admintools, that one is a (thick) client and is
compatible only forward, see the page for better explanation.
Martin
On Pi, 2015-12-04 at 13:42 -
Hello Ranbir,
I'm working on this, even today I was putting more things together.
(That DRAFT is really uncommented version of what I currently have). And
I've opened also https://fedorahosted.org/freeipa/ticket/5521 to get a
bit more out of it.
To sum it up what I've put together:
- Postfix for
regards, / S pozdravom,
Martin Štefany
On Dec 9, 2015 7:34 PM, Ranbir wrote:
>
> Hello Everyone,
>
> I installed a replica without passing the "mkhomedir" option to the
> install command. Sure enough, when I login to the replica, my home dir
> isn't created. I _
Hello,
I seem to be having some issues with IPA CA feature not generating
certificates with DNS SubjectAltNames.
I'm sure this worked very well under CentOS 7.1 / IPA 4.0, but now under
CentOS 7.2 / IPA 4.2 something's different.
Here are the original steps which worked fine for my first use cas
Hello Detlev,
FreeIPA/SSSD client use IP address of interface/vlan/subnet which is use
to communicate (LDAP) with FreeIPA server.
However, if you have dyndns_update set to True in sssd.conf, you can
also set dyndns_iface to point to correct interface which IP addresses
will be dynamically up
16 matches
Mail list logo