On Thu, Jun 19, 2014 at 09:43:06AM +0200, Petr Spacek wrote:
Hello list,
the thread named's LDAP connection hangs on freeipa-users list [1] opened
question Why do we use Kerberos for named-DS connection? Named connects
over LDAPI to local DS instance anyway.
Maybe we can get rid of
On Thu, 19 Jun 2014, Petr Spacek wrote:
Hello list,
the thread named's LDAP connection hangs on freeipa-users list [1]
opened question Why do we use Kerberos for named-DS connection?
Named connects over LDAPI to local DS instance anyway.
Maybe we can get rid of Kerberos for this particular
On 19.6.2014 11:02, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Petr Spacek wrote:
the thread named's LDAP connection hangs on freeipa-users list [1] opened
question Why do we use Kerberos for named-DS connection? Named connects
over LDAPI to local DS instance anyway.
Maybe we can get rid of
On Thu, 19 Jun 2014, Petr Spacek wrote:
On 19.6.2014 11:02, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Petr Spacek wrote:
the thread named's LDAP connection hangs on freeipa-users list [1] opened
question Why do we use Kerberos for named-DS connection? Named connects
over LDAPI to local DS
On 19.6.2014 13:13, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Petr Spacek wrote:
On 19.6.2014 11:02, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Petr Spacek wrote:
the thread named's LDAP connection hangs on freeipa-users list [1] opened
question Why do we use Kerberos for named-DS
On Thu, 19 Jun 2014, Petr Spacek wrote:
On 19.6.2014 13:13, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Petr Spacek wrote:
On 19.6.2014 11:02, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Petr Spacek wrote:
the thread named's LDAP connection hangs on freeipa-users list [1] opened
question
On Thu, 2014-06-19 at 14:13 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Petr Spacek wrote:
On 19.6.2014 11:02, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Petr Spacek wrote:
the thread named's LDAP connection hangs on freeipa-users list [1] opened
question Why do we use Kerberos
On Thu, 2014-06-19 at 09:43 +0200, Petr Spacek wrote:
Hello list,
the thread named's LDAP connection hangs on freeipa-users list [1] opened
question Why do we use Kerberos for named-DS connection? Named connects
over LDAPI to local DS instance anyway.
Maybe we can get rid of Kerberos
On 19.6.2014 15:28, Simo Sorce wrote:
On Thu, 2014-06-19 at 09:43 +0200, Petr Spacek wrote:
Hello list,
the thread named's LDAP connection hangs on freeipa-users list [1] opened
question Why do we use Kerberos for named-DS connection? Named connects
over LDAPI to local DS instance anyway.
On Thu, 19 Jun 2014, Simo Sorce wrote:
On Thu, 2014-06-19 at 14:13 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Petr Spacek wrote:
On 19.6.2014 11:02, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Petr Spacek wrote:
the thread named's LDAP connection hangs on freeipa-users list [1]
On 19.6.2014 15:36, Simo Sorce wrote:
On Thu, 2014-06-19 at 14:13 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Petr Spacek wrote:
On 19.6.2014 11:02, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Petr Spacek wrote:
the thread named's LDAP connection hangs on freeipa-users list [1]
On Thu, 19 Jun 2014, Simo Sorce wrote:
On Thu, 2014-06-19 at 09:43 +0200, Petr Spacek wrote:
Hello list,
the thread named's LDAP connection hangs on freeipa-users list [1] opened
question Why do we use Kerberos for named-DS connection? Named connects
over LDAPI to local DS instance anyway.
On Thu, 2014-06-19 at 16:41 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Simo Sorce wrote:
On Thu, 2014-06-19 at 14:13 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Petr Spacek wrote:
On 19.6.2014 11:02, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Petr Spacek wrote:
the
On Thu, 2014-06-19 at 15:41 +0200, Petr Spacek wrote:
On 19.6.2014 15:36, Simo Sorce wrote:
On Thu, 2014-06-19 at 14:13 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Petr Spacek wrote:
On 19.6.2014 11:02, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Petr Spacek wrote:
the thread
On 19.6.2014 16:02, Simo Sorce wrote:
On Thu, 2014-06-19 at 16:41 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Simo Sorce wrote:
On Thu, 2014-06-19 at 14:13 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Petr Spacek wrote:
On 19.6.2014 11:02, Alexander Bokovoy wrote:
On Thu,
On Thu, 19 Jun 2014, Simo Sorce wrote:
and named successfully started, with 389-ds showing autobind to the same
krprincipalname=dns/... in the logs.
why do we need to associate bind to dns/whatever ??
Because we already have ACIs given to dns/hostname to handle DNS
entries.
Which are easy
On Thu, 2014-06-19 at 16:05 +0200, Petr Spacek wrote:
On 19.6.2014 16:02, Simo Sorce wrote:
On Thu, 2014-06-19 at 16:41 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Simo Sorce wrote:
On Thu, 2014-06-19 at 14:13 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Petr Spacek
On Thu, 2014-06-19 at 17:10 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Simo Sorce wrote:
and named successfully started, with 389-ds showing autobind to the same
krprincipalname=dns/... in the logs.
why do we need to associate bind to dns/whatever ??
Because we already have
On Thu, 19 Jun 2014, Simo Sorce wrote:
On Thu, 2014-06-19 at 17:10 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Simo Sorce wrote:
and named successfully started, with 389-ds showing autobind to the same
krprincipalname=dns/... in the logs.
why do we need to associate bind to
On Thu, 2014-06-19 at 17:24 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Simo Sorce wrote:
On Thu, 2014-06-19 at 17:10 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Simo Sorce wrote:
and named successfully started, with 389-ds showing autobind to the
same
On Thu, 19 Jun 2014, Simo Sorce wrote:
On Thu, 2014-06-19 at 17:24 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Simo Sorce wrote:
On Thu, 2014-06-19 at 17:10 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Simo Sorce wrote:
and named successfully started, with 389-ds showing
On Thu, 2014-06-19 at 17:33 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Simo Sorce wrote:
On Thu, 2014-06-19 at 17:24 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Simo Sorce wrote:
On Thu, 2014-06-19 at 17:10 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Simo Sorce
On Thu, 19 Jun 2014, Simo Sorce wrote:
I may need to revive my sysaccounts module...
There is one more issue though, and this one really concerns me.
If you need to put there multiple accounts because different servers
have different local accounts, then you open up access to unrelated
On Thu, 2014-06-19 at 17:47 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Simo Sorce wrote:
I may need to revive my sysaccounts module...
There is one more issue though, and this one really concerns me.
If you need to put there multiple accounts because different servers
have
On Thu, 19 Jun 2014, Simo Sorce wrote:
On Thu, 2014-06-19 at 17:47 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Simo Sorce wrote:
I may need to revive my sysaccounts module...
There is one more issue though, and this one really concerns me.
If you need to put there multiple accounts
On 06/19/2014 04:58 PM, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Simo Sorce wrote:
On Thu, 2014-06-19 at 17:47 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Simo Sorce wrote:
I may need to revive my sysaccounts module...
There is one more issue though, and this one really
On 19.6.2014 17:06, Martin Kosek wrote:
On 06/19/2014 04:58 PM, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Simo Sorce wrote:
On Thu, 2014-06-19 at 17:47 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Simo Sorce wrote:
I may need to revive my sysaccounts module...
There is one more
On Thu, 19 Jun 2014, Martin Kosek wrote:
On 06/19/2014 04:58 PM, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Simo Sorce wrote:
On Thu, 2014-06-19 at 17:47 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Simo Sorce wrote:
I may need to revive my sysaccounts module...
There is one more
On 06/19/2014 09:16 AM, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Martin Kosek wrote:
On 06/19/2014 04:58 PM, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Simo Sorce wrote:
On Thu, 2014-06-19 at 17:47 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Simo Sorce wrote:
I may need to
On Thu, 19 Jun 2014, Rich Megginson wrote:
On 06/19/2014 09:16 AM, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Martin Kosek wrote:
On 06/19/2014 04:58 PM, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Simo Sorce wrote:
On Thu, 2014-06-19 at 17:47 +0300, Alexander Bokovoy wrote:
On Thu, 19
On Thu, 2014-06-19 at 17:06 +0200, Martin Kosek wrote:
On 06/19/2014 04:58 PM, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Simo Sorce wrote:
On Thu, 2014-06-19 at 17:47 +0300, Alexander Bokovoy wrote:
On Thu, 19 Jun 2014, Simo Sorce wrote:
I may need to revive my sysaccounts module...
On Thu, 2014-06-19 at 09:23 -0600, Rich Megginson wrote:
and if we limit who can use it I don't think
anyone will be crying too much.
If we change it to be incompatible, we may break existing _389_
customers, even if they are potentially using something that violates
RFC4513.
I am not
32 matches
Mail list logo