On Tue, Jul 14, 2015 at 12:49:23PM -0400, John Dennis wrote:
On 07/14/2015 12:03 PM, Petr Spacek wrote:
Hello,
Is anyone using repos
https://jdennis.fedorapeople.org/ipa-devel/
?
AFAIK nobody in Brno is seriously using it but I'm not sure about people
outside the Brno.
Could we use
Dne 14.7.2015 v 14:17 David Kupka napsal(a):
On 10/07/15 14:31, Martin Basti wrote:
https://fedorahosted.org/freeipa/ticket/5034
Patch attached.
Works for me, ACK.
Pushed to:
master: 8bc0e9693b4b8356859b00afecd150b5c75fed99
ipa-4-2: cbdeba7a73c20b60b748558e63cf8672387febda
--
Jan
Dne 13.7.2015 v 15:03 David Kupka napsal(a):
On 10/07/15 14:51, Martin Basti wrote:
https://fedorahosted.org/freeipa/ticket/5038
I reworded the error message to keep the same format as stageuser-add
and user-add.
Patch attached.
Works for me, ACK.
Pushed to:
master:
On 2015-07-07 18:40, Christian Heimes wrote:
Hello,
the patch removes the dependency on Python's ssl module and
python-backports-ssl_match_hostname.
https://fedorahosted.org/freeipa/ticket/5068
Open question
-
Is paths.IPA_NSSDB_DIR the correct NSSDB?
My patch hasn't been
Hi everyone, my name is Tony and this is my first post, so it's nice to
meet all of you. I've been tasked with creating an AD and FreeIPA
environment, and I'm looking into the sync between the two. It looks like
creating a user in AD causes that user to be created in IPA, but not the
other way
I'm pretty excited about this.
As I see it right now user creation requires manual intervention. Is this
correct?
Is it possible to have a fully automated process where a token is generated and
mailed to the user to verify their email address?
- Original Message -
Hi, all,
I'm
On 07/15/2015 09:42 AM, Email wrote:
Hi everyone, my name is Tony and this is my first post, so it's nice
to meet all of you. I've been tasked with creating an AD and FreeIPA
environment, and I'm looking into the sync between the two. It looks
like creating a user in AD causes that user to
- Original Message -
From: Petr Spacek pspa...@redhat.com
To: Jan Cholasta jchol...@redhat.com, freeipa-devel@redhat.com,
Alexander Bokovoy aboko...@redhat.com
Cc: Simo Sorce s...@redhat.com
Sent: Tuesday, July 14, 2015 10:33:41 AM
Subject: Re: [Freeipa-devel] [PATCH 0052] Create
Yeah, user creation requires manual intervention; an admin has to move
the user from staging to the main user tree.
It could be pretty easily modified to allow totally automated self
sign-up though
On 07/15/2015 01:42 PM, Nathaniel McCallum wrote:
I'm pretty excited about this.
As I see it
On 2015-07-14 13:56, Jan Cholasta wrote:
Hi,
the attached patch fixes client-only builds.
LGTM.
I didn't know about the difference between server and client-only
builds. Thanks for the fix!
signature.asc
Description: OpenPGP digital signature
--
Manage your subscription for the
On 10/07/15 10:43, Martin Basti wrote:
On 10/07/15 07:32, Jan Cholasta wrote:
Hi,
Dne 9.7.2015 v 16:55 Martin Basti napsal(a):
https://fedorahosted.org/freeipa/ticket/5075
Patch attached.
the check is very plugin-specific, so I don't think it should be in
ipalib.util. You can keep it in
Dne 7.7.2015 v 16:51 David Kupka napsal(a):
On 03/07/15 08:46, Martin Kosek wrote:
On 07/03/2015 08:41 AM, Jan Cholasta wrote:
Dne 2.7.2015 v 14:34 David Kupka napsal(a):
On 01/07/15 16:31, David Kupka wrote:
Updated patch attached.
Client install works, but uninstall does not:
#
On Wed, 15 Jul 2015, Tomas Babej wrote:
Hi,
Check for the presence of the forest root DNS domain of the AD realm
among the IPA realm domains prior to esablishing the trust.
This prevents creation of a failing setup, as trusts would not work
properly in this case.
Patch attached.
https://fedorahosted.org/freeipa/ticket/4934
https://fedorahosted.org/freeipa/ticket/5055
--
Martin Basti
From 6453116b130f090632c78c5c61d63e7bf5f815ef Mon Sep 17 00:00:00 2001
From: Martin Basti mba...@redhat.com
Date: Wed, 15 Jul 2015 09:44:07 +0200
Subject: [PATCH]
On 07/15/2015 02:31 PM, Alexander Bokovoy wrote:
On Wed, 15 Jul 2015, Tomas Babej wrote:
Hi,
Check for the presence of the forest root DNS domain of the AD realm
among the IPA realm domains prior to esablishing the trust.
This prevents creation of a failing setup, as trusts would not work
On 15/07/15 14:42, Martin Basti wrote:
Patch attached.
https://fedorahosted.org/freeipa/ticket/4934
https://fedorahosted.org/freeipa/ticket/5055
I forgot to add patch number in subject.
--
Martin Basti
From 6453116b130f090632c78c5c61d63e7bf5f815ef Mon Sep 17 00:00:00 2001
From:
Hi,
the attached patch fixes https://fedorahosted.org/freeipa/ticket/5132.
Honza
--
Jan Cholasta
From ee18849be68ca6705165c660b7138f694369e764 Mon Sep 17 00:00:00 2001
From: Jan Cholasta jchol...@redhat.com
Date: Wed, 15 Jul 2015 08:45:53 +
Subject: [PATCH] spec file: Update minimum
Dne 15.7.2015 v 12:42 Christian Heimes napsal(a):
On 2015-07-14 13:56, Jan Cholasta wrote:
Hi,
the attached patch fixes client-only builds.
LGTM.
I didn't know about the difference between server and client-only
builds. Thanks for the fix!
Pushed to:
master:
On 07/15/2015 01:22 PM, Oleg Fayans wrote:
Hi Ludwig,
On 07/15/2015 12:20 PM, Ludwig Krispenz wrote:
looks like the initial replication is failing:
[15/Jul/2015:04:47:31 -0400] slapi_ldap_bind - Error: could not bind
id [cn=replication manager,cn=config] authentication mechanism
[SIMPLE]:
Hi,
Check for the presence of the forest root DNS domain of the AD realm
among the IPA realm domains prior to esablishing the trust.
This prevents creation of a failing setup, as trusts would not work
properly in this case.
https://fedorahosted.org/freeipa/ticket/4799
Tomas
From
Fixes https://fedorahosted.org/freeipa/ticket/4492
--
Martin^3 Babinsky
From 8c29064df3649db5784e96440bae3ae0ed19dcd3 Mon Sep 17 00:00:00 2001
From: Martin Babinsky mbabi...@redhat.com
Date: Wed, 15 Jul 2015 14:15:49 +0200
Subject: [PATCH] ipa-ca-install: print more specific errors when CA is
On Wed, 15 Jul 2015, Jan Cholasta wrote:
Hi,
the attached patch fixes https://fedorahosted.org/freeipa/ticket/5132.
ACK
--
/ Alexander Bokovoy
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
Hi,
Dne 15.7.2015 v 12:54 Alexander Bokovoy napsal(a):
On Wed, 15 Jul 2015, Jan Cholasta wrote:
Hi,
the attached patch fixes https://fedorahosted.org/freeipa/ticket/5132.
ACK
Thanks for the review.
Pushed to:
master: d6e701a79333c0d732323a1f4250aa698625e889
ipa-4-2:
I definitely see both models finding use.
- Original Message -
Yeah, user creation requires manual intervention; an admin has to move
the user from staging to the main user tree.
It could be pretty easily modified to allow totally automated self
sign-up though
--
Manage your
On Wed, Jul 15, 2015 at 2:32 PM, Nathaniel McCallum npmccal...@redhat.com
wrote:
I definitely see both models finding use.
+1
- Original Message -
Yeah, user creation requires manual intervention; an admin has to move
the user from staging to the main user tree.
It could be
looks like the initial replication is failing:
[15/Jul/2015:04:47:31 -0400] slapi_ldap_bind - Error: could not bind id
[cn=replication manager,cn=config] authentication mechanism [SIMPLE]:
error 32 (No such object) errno 0 (Success)
[15/Jul/2015:04:47:31 -0400] NSMMReplicationPlugin -
Hi Ludwig,
On 07/15/2015 12:20 PM, Ludwig Krispenz wrote:
looks like the initial replication is failing:
[15/Jul/2015:04:47:31 -0400] slapi_ldap_bind - Error: could not bind
id [cn=replication manager,cn=config] authentication mechanism
[SIMPLE]: error 32 (No such object) errno 0 (Success)
On 15/07/15 15:39, Petr Vobornik wrote:
On 07/15/2015 02:42 PM, Martin Basti wrote:
Patch attached.
https://fedorahosted.org/freeipa/ticket/4934
https://fedorahosted.org/freeipa/ticket/5055
Why are you adding RP, APL, IPSEC, DHCID, HIP, SPF records? Is there a
plan to use them?
During investigation of https://fedorahosted.org/freeipa/ticket/3993 I
have realized that I can do some guerilla ref*ctoring and move the guts
of `ipa-adtrust-install` to separate module, as we did with CA, KRA, DNS
and friends.
I have put a link to
Dne 15.7.2015 v 16:02 Martin Babinsky napsal(a):
During investigation of https://fedorahosted.org/freeipa/ticket/3993 I
have realized that I can do some guerilla ref*ctoring and move the guts
of `ipa-adtrust-install` to separate module, as we did with CA, KRA, DNS
and friends.
+1
I have put
On 15/07/15 15:34, Jan Cholasta wrote:
Dne 15.7.2015 v 15:21 David Kupka napsal(a):
https://fedorahosted.org/freeipa/ticket/4953
To test this patch:
1. Migrate users from LDAP or other FreeIPA server
(https://www.freeipa.org/page/Howto/Migration)
2. Disable anonymous bind to Directory Server
On 07/15/2015 04:05 PM, Jan Cholasta wrote:
Dne 15.7.2015 v 16:02 Martin Babinsky napsal(a):
During investigation of https://fedorahosted.org/freeipa/ticket/3993 I
have realized that I can do some guerilla ref*ctoring and move the guts
of `ipa-adtrust-install` to separate module, as we did with
On 07/15/2015 04:19 PM, Martin Babinsky wrote:
On 07/15/2015 04:05 PM, Jan Cholasta wrote:
Dne 15.7.2015 v 16:02 Martin Babinsky napsal(a):
During investigation of https://fedorahosted.org/freeipa/ticket/3993 I
have realized that I can do some guerilla ref*ctoring and move the guts
of
Moved files temporarily exist without a proper SElinux context which
causes issues when running SSSD/ntpd tries to work with files.
https://fedorahosted.org/freeipa/ticket/4923
Patch attached.
--
Martin Basti
From a86424429eea3bede519284e2d986c4fad8755f8 Mon Sep 17 00:00:00 2001
From: Martin
On Wed, 15 Jul 2015, Martin Basti wrote:
Moved files temporarily exist without a proper SElinux context which
causes issues when running SSSD/ntpd tries to work with files.
https://fedorahosted.org/freeipa/ticket/4923
Patch attached.
--
Martin Basti
From
On 15.7.2015 17:39, Martin Basti wrote:
On 15/07/15 17:38, Petr Spacek wrote:
On 15.7.2015 17:33, Martin Basti wrote:
On 15/07/15 16:03, Martin Basti wrote:
On 15/07/15 15:39, Petr Vobornik wrote:
On 07/15/2015 02:42 PM, Martin Basti wrote:
Patch attached.
On 07/15/2015 02:42 PM, Martin Basti wrote:
Patch attached.
https://fedorahosted.org/freeipa/ticket/4934
https://fedorahosted.org/freeipa/ticket/5055
Why are you adding RP, APL, IPSEC, DHCID, HIP, SPF records? Is there a
plan to use them? Can't we just not use unsupported records
Dne 15.7.2015 v 15:21 David Kupka napsal(a):
https://fedorahosted.org/freeipa/ticket/4953
To test this patch:
1. Migrate users from LDAP or other FreeIPA server
(https://www.freeipa.org/page/Howto/Migration)
2. Disable anonymous bind to Directory Server
On 07/15/2015 02:42 PM, Oleg Fayans wrote:
Hi Ludwig,
On 07/15/2015 01:52 PM, Ludwig Krispenz wrote:
On 07/15/2015 01:22 PM, Oleg Fayans wrote:
Hi Ludwig,
On 07/15/2015 12:20 PM, Ludwig Krispenz wrote:
looks like the initial replication is failing:
[15/Jul/2015:04:47:31 -0400]
https://fedorahosted.org/freeipa/ticket/4953
To test this patch:
1. Migrate users from LDAP or other FreeIPA server
(https://www.freeipa.org/page/Howto/Migration)
2. Disable anonymous bind to Directory Server
On 15/07/15 16:03, Martin Basti wrote:
On 15/07/15 15:39, Petr Vobornik wrote:
On 07/15/2015 02:42 PM, Martin Basti wrote:
Patch attached.
https://fedorahosted.org/freeipa/ticket/4934
https://fedorahosted.org/freeipa/ticket/5055
Why are you adding RP, APL, IPSEC, DHCID, HIP, SPF
On 15.7.2015 17:33, Martin Basti wrote:
On 15/07/15 16:03, Martin Basti wrote:
On 15/07/15 15:39, Petr Vobornik wrote:
On 07/15/2015 02:42 PM, Martin Basti wrote:
Patch attached.
https://fedorahosted.org/freeipa/ticket/4934
https://fedorahosted.org/freeipa/ticket/5055
Why are
42 matches
Mail list logo