Re: [Freeipa-users] Install best practice -
Hi thanks for the reply. "the easiest would be to create a zone and delegating that to the ipa hosts. No other change necessary." can you explain little more. You mean need to create separate DNS zone ? regards, Ben On Sun, May 29, 2016 at 9:11 PM, Natxo Asenjowrote: > > > On Sun, May 29, 2016 at 7:11 PM, Ben .T.George > wrote: > >> Hi >> >> I would like to know how can i proceed with best practices >> >> My AD domain is : corp.examle.com.kw >> My DNS (appliances ) : kw.test.com >> >> All my clients are pointed to kw.test.com including AD. >> >> How can i proceed with Free IPA installation? where i need to manage DNS >> of freeipa master server? >> >> >> creating new DNS zone in kw.test.com will be little bit difficult. >> >> which will be best configuration with minimal changes in existing setup. >> > > the easiest would be to create a zone and delegating that to the ipa > hosts. No other change necessary. > > Not sure if this is a 'best practice', but this is how we have been > running our environment for years without any problems. > > -- > regards, > Natxo > > -- > Manage your subscription for the Freeipa-users mailing list: > https://www.redhat.com/mailman/listinfo/freeipa-users > Go to http://freeipa.org for more info on the project > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] Install best practice -
On Sun, May 29, 2016 at 7:11 PM, Ben .T.Georgewrote: > Hi > > I would like to know how can i proceed with best practices > > My AD domain is : corp.examle.com.kw > My DNS (appliances ) : kw.test.com > > All my clients are pointed to kw.test.com including AD. > > How can i proceed with Free IPA installation? where i need to manage DNS > of freeipa master server? > > > creating new DNS zone in kw.test.com will be little bit difficult. > > which will be best configuration with minimal changes in existing setup. > the easiest would be to create a zone and delegating that to the ipa hosts. No other change necessary. Not sure if this is a 'best practice', but this is how we have been running our environment for years without any problems. -- regards, Natxo -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
[Freeipa-users] Install best practice -
Hi I would like to know how can i proceed with best practices My AD domain is : corp.examle.com.kw My DNS (appliances ) : kw.test.com All my clients are pointed to kw.test.com including AD. How can i proceed with Free IPA installation? where i need to manage DNS of freeipa master server? creating new DNS zone in kw.test.com will be little bit difficult. which will be best configuration with minimal changes in existing setup. Regards, Ben -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
[Freeipa-users] Centos 7.2 ipa-backup failure
Today I tried my very first ipa-backup attempt. The command reported 'The ipa-backup command was successful' YET I saw: /usr/sbin/db2ldif: line 157: 22567 Segmentation fault /usr/sbin/ns-slapd db2ldif -D /etc/dirsrv/slapd-DOMAIN-NET -n userRoot -a "/var/l ib/dirsrv/slapd-DOMAIN-NET/ldif/DOMAIN-NET-userRoot.ldif" -r I am running Centos 7.2. After googling, I did find - https://fedorahosted.org/freeipa/ticket/5571 https://fedorahosted.org/389/ticket/48388 How am I supposed to backup this box? I want to run the backup-script nightly to generate the tarball so I can use another script to backup it up along with other stuff. It is a small system with no replication. As a Centos 7.2 user am I just out of luck since it appears the various bugs I am encountering with this software are not being fixed except in newer versions of freeipa and sssd which are not available via the standard repos? -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
[Freeipa-users] EXAMPLE.COM IPA CA Import /etc/httpd/alias
Hello I found any Help for the IPA Certificate but I found no way to import the IPA CA ? I like to create a webserver with a owncloud virtualhost and other.. But it is for me not possible to create the /etc/httpd/alias correct ? I found this in IPC DOCS certutil -A -d . -n 'EXAMPLE.COM IPA CA' -t CT,, -a < /etc/ipa/ca.crt but with this command line I have a Error /etc/ipa/ca.crt have wrong format ? Have any a link with a working example Thanks, -- mit freundlichen Grüßen / best regards, Günther J. Niederwimmer -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project