Re: [Freeipa-devel] [PATCH 1/1] Resolve external members from trusted domain via Global Catalog

2012-11-01 Thread Simo Sorce
On Wed, 2012-10-31 at 22:52 +0200, Alexander Bokovoy wrote: > The sequence is as follows: > 1. Match external member against existing trusted domain > 2. Find trusted domain's domain controller and preferred GC hosts > 3. Fetch trusted domain account auth info > 4. Set up ccache in /var/run/ipa_memcac

[Freeipa-devel] [PATCH 1/1] Resolve external members from trusted domain via Global Catalog

2012-10-31 Thread Alexander Bokovoy
The sequence is as follows: 1. Match external member against existing trusted domain 2. Find trusted domain's domain controller and preferred GC hosts 3. Fetch trusted domain account auth info 4. Set up ccache in /var/run/ipa_memcached/krb5cc_TD with principal ourdomain$@trusted.domain 5. Do LDAP SAS
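The first, fourth and fifth steps of the sequence above, carried through in code, as an added illustration that is not part of the patch or of FreeIPA itself. The trusted-domain table, the IPA NetBIOS name, the DN layout, the GC attribute list and the exact ccache/principal spelling are assumptions constructed for the example; DC/GC discovery, the Kerberos ccache and the SASL bind are represented only by the parameters they would need, so the example runs offline. The two points a reviewer would want to see handled are that the member name (user input to group-add-member) is RFC 4515-escaped before it reaches the LDAP filter, and that an objectSid returned by a Global Catalog, which can hold objects from any domain in the forest, is checked against the SID of the trusted domain before it is accepted.

```python
"""Resolve an external group member into a Global Catalog lookup.

Added example, not FreeIPA code.  Assumed: the trusted-domain table below,
the IPA NetBIOS name, the forest/domain DN layout, the attribute list, and
the ccache/principal spelling.  Network steps are planned, not performed.
"""

# Constructed table standing in for what a trust-add would have recorded.
TRUSTED_DOMAINS = [
    {"dns": "ad.example.test", "flat": "AD", "sid": "S-1-5-21-1111-2222-3333"},
    {"dns": "corp.example.test", "flat": "CORP", "sid": "S-1-5-21-4444-5555-6666"},
]
OUR_FLAT_NAME = "IPA"                    # assumed NetBIOS name of the IPA domain
CCACHE_DIR = "/var/run/ipa_memcached"    # directory quoted in the thread
GC_PORT = 3268                           # plain-LDAP Global Catalog port


def parse_external_member(member):
    """Split 'DOMAIN\\name' or 'name@dns.domain' into (account, domain, form).

    An unqualified name is rejected: it cannot be matched to a trust, and
    guessing a domain for it would let a lookup be aimed somewhere unexpected.
    """
    if "\\" in member:
        domain, _, account = member.partition("\\")
        form = "flat"
    elif "@" in member:
        account, _, domain = member.rpartition("@")
        form = "dns"
    else:
        raise ValueError("external member must be DOMAIN\\name or name@domain: %r" % (member,))
    if not account or not domain:
        raise ValueError("empty account or domain in %r" % (member,))
    return account, domain, form


def match_trusted_domain(member, trusted=TRUSTED_DOMAINS):
    """Step 1: (account, trusted-domain record) for the member, or None."""
    account, domain, form = parse_external_member(member)
    for td in trusted:
        if td[form].lower() == domain.lower():
            return account, td
    return None


def escape_filter(value):
    """RFC 4515 escaping for an assertion value used inside an LDAP filter."""
    table = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}
    return "".join(table.get(c, c) for c in value)


def domain_to_dn(dns_name):
    return ",".join("dc=" + label for label in dns_name.split("."))


def gc_lookup_plan(member, trusted=TRUSTED_DOMAINS):
    """Steps 4 and 5 as parameters: ccache, principal, and the GC search."""
    found = match_trusted_domain(member, trusted)
    if found is None:
        raise LookupError("no trust covers %r" % (member,))
    account, td = found
    return {
        "ccache": "%s/krb5cc_%s" % (CCACHE_DIR, td["flat"]),
        # Realm written in upper case by Kerberos convention (assumption).
        "principal": "%s$@%s" % (OUR_FLAT_NAME, td["dns"].upper()),
        "gc_port": GC_PORT,
        "base": domain_to_dn(td["dns"]),
        "filter": "(&(sAMAccountName=%s)(|(objectClass=user)(objectClass=group)))"
                  % escape_filter(account),
        "attrs": ["objectSid", "sAMAccountName", "objectClass"],
        "domain_sid": td["sid"],
    }


def sid_in_domain(object_sid, domain_sid):
    """True only if object_sid is domain_sid plus exactly one RID component."""
    prefix, sep, rid = object_sid.rpartition("-")
    return sep == "-" and rid.isdigit() and prefix == domain_sid


if __name__ == "__main__":
    plan = gc_lookup_plan("AD\\alice")
    print("bind as %s using %s" % (plan["principal"], plan["ccache"]))
    print("search %s port %d filter %s" % (plan["base"], plan["gc_port"], plan["filter"]))
    # A GC answer whose SID lies outside the trusted domain must be dropped.
    print(sid_in_domain("S-1-5-21-1111-2222-3333-1105", plan["domain_sid"]))
    print(sid_in_domain("S-1-5-21-9999-8888-7777-1105", plan["domain_sid"]))
```

The filter escaping matters because the member name is whatever the admin typed; without it a name such as `AD\a*)(objectClass=*` turns one lookup into a wildcard search. The SID check is the counterpart on the response side: a Global Catalog answers for the whole forest, so a match on sAMAccountName alone is not proof that the object belongs to the domain the trust was established with.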

Re: [Freeipa-devel] [PATCH 1/1] Resolve external members from trusted domain via Global Catalog

2012-10-30 Thread Simo Sorce
On Tue, 2012-10-30 at 06:50 +0200, Alexander Bokovoy wrote: > I remember in my case that was the issue, i.e. finddc did discover > proper DC via DNS and returned winda.ad.local but something within > SASL/krb5 library wanted to see reverse lookup working which was not > set > up at the point. > I

Re: [Freeipa-devel] [PATCH 1/1] Resolve external members from trusted domain via Global Catalog

2012-10-29 Thread Alexander Bokovoy
On Mon, 29 Oct 2012, Simo Sorce wrote: On Mon, 2012-10-29 at 23:03 +0200, Alexander Bokovoy wrote: On Mon, 29 Oct 2012, Simo Sorce wrote: >On Mon, 2012-10-29 at 19:59 +0200, Alexander Bokovoy wrote: >> The sequence is as follows: >> 1. Match external member against existing trusted domain >> 2. Fin

Re: [Freeipa-devel] [PATCH 1/1] Resolve external members from trusted domain via Global Catalog

2012-10-29 Thread Simo Sorce
On Mon, 2012-10-29 at 23:03 +0200, Alexander Bokovoy wrote: > On Mon, 29 Oct 2012, Simo Sorce wrote: > >On Mon, 2012-10-29 at 19:59 +0200, Alexander Bokovoy wrote: > >> The sequence is as follows: > >> 1. Match external member against existing trusted domain > >> 2. Find trusted domain's domain contro

Re: [Freeipa-devel] [PATCH 1/1] Resolve external members from trusted domain via Global Catalog

2012-10-29 Thread Alexander Bokovoy
On Mon, 29 Oct 2012, Rob Crittenden wrote: [Mon Oct 29 16:15:33 2012] [error] [client 192.168.122.240] File "/usr/lib/python2.7/site-packages/ipaserver/plugins/ldap2.py", line 562, in sasl_interactive_bind_s [Mon Oct 29 16:15:33 2012] [error] [client 192.168.122.240] return self.conn.sasl_i

Re: [Freeipa-devel] [PATCH 1/1] Resolve external members from trusted domain via Global Catalog

2012-10-29 Thread Rob Crittenden
Alexander Bokovoy wrote: On Mon, 29 Oct 2012, Simo Sorce wrote: On Mon, 2012-10-29 at 19:59 +0200, Alexander Bokovoy wrote: The sequence is as follows: 1. Match external member against existing trusted domain 2. Find trusted domain's domain controller 3. Fetch trusted domain account auth info 4. S

Re: [Freeipa-devel] [PATCH 1/1] Resolve external members from trusted domain via Global Catalog

2012-10-29 Thread Alexander Bokovoy
On Mon, 29 Oct 2012, Simo Sorce wrote: On Mon, 2012-10-29 at 19:59 +0200, Alexander Bokovoy wrote: The sequence is as follows: 1. Match external member against existing trusted domain 2. Find trusted domain's domain controller 3. Fetch trusted domain account auth info 4. Set up ccache in /var/run/i

Re: [Freeipa-devel] [PATCH 1/1] Resolve external members from trusted domain via Global Catalog

2012-10-29 Thread Simo Sorce
On Mon, 2012-10-29 at 19:59 +0200, Alexander Bokovoy wrote: > The sequence is as follows: > 1. Match external member against existing trusted domain > 2. Find trusted domain's domain controller > 3. Fetch trusted domain account auth info > 4. Set up ccache in /var/run/ipa/ipa_memcached/krb5cc_TRUSTEDD

[Freeipa-devel] [PATCH 1/1] Resolve external members from trusted domain via Global Catalog

2012-10-29 Thread Alexander Bokovoy
The sequence is as follows: 1. Match external member against existing trusted domain 2. Find trusted domain's domain controller 3. Fetch trusted domain account auth info 4. Set up ccache in /var/run/ipa/ipa_memcached/krb5cc_TRUSTEDDOMAIN with principal ourdomain$@trusted.domain 5. Do LDAP SASL intera