[Freeipa-users] Re: Overcoming hurdles installing freeipa-server on ubuntu 17.10

Robbie Harwood via FreeIPA-users writes: > David Harvey via FreeIPA-users writes: > >> sudo mkdir /etc/krb5.conf.d/ >> #Apparently this is expected by ipa-server to have been generated by one of >> the kerberos packages

[Freeipa-users] Re: Certificate renewals with external CA

Rob Foehl wrote: > On Fri, 9 Jun 2017, I wrote: > >> In short, that didn't go particularly well at all, which in some ways >> brings me back to the original as-yet-unanswered deployment question: >> >> Is trying to do this with an external CA worth the pain? > > Three attempts at this question,

[Freeipa-users] Re: Overcoming hurdles installing freeipa-server on ubuntu 17.10

David Harvey via FreeIPA-users writes: > sudo mkdir /etc/krb5.conf.d/ > #Apparently this is expected by ipa-server to have been generated by one of > the kerberos packages but is not.. There's a PR open for this in [1]. Since it hasn't merged, though, it's

[Freeipa-users] Re: Access issues with SSH/IPA

On Thu, Jun 15, 2017 at 01:07:27PM -, john.bowman--- via FreeIPA-users wrote: > You'll have to forgive my ignorance here since I'm still fairly new to IPA > and fortunately haven't run in to many issues as of yet. > > The three IPA 3.0 servers all have what look to be following conflicts:

[Freeipa-users] Apache authentication with Kerberos to IPA

Hi, my question is not directly related to IPA, but since IPA provides underlying authentication services, I think it almost fits here. I have an Apache WebDAV server that authenticates via Kerberos to IPA server. Related configuration in Apache is: AuthTypeKerberos # Essential

[Freeipa-users] Overcoming hurdles installing freeipa-server on ubuntu 17.10

Hope this helps to save some of some time digging. And I know, freeipa-server on a non LTS release is daft.. apt-get install freeipa-server-trust-ad #This has been mentioned elsewhere, and it should either be a dependency OR it's absence should not break things as it currently does sudo mkdir

[Freeipa-users] Re: replication problem

So, this problem is still causing me unable to install/build any replica servers. Eric -Original Message- Date: Tue, 13 Jun 2017 12:11:57 -0400 Subject: Re: [Freeipa-users] Re: replication problem Cc: Mark Reynolds , Rob Crittenden To: Rob

[Freeipa-users] Re: Access issues with SSH/IPA

You'll have to forgive my ignorance here since I'm still fairly new to IPA and fortunately haven't run in to many issues as of yet. The three IPA 3.0 servers all have what look to be following conflicts: $ ldapsearch -D "cn=directory manager" -w secret -b "dc=domain,dc=tld"

[Freeipa-users] Re: Access issues with SSH/IPA

On Thu, Jun 15, 2017 at 04:28:13AM -, john.bowman--- via FreeIPA-users wrote: > After upping the log levels on sssd on one of the failing servers I saw this > in one of the sssd log files: > > from sssd_pamd.log: > > (Wed Jun 14 23:16:05 2017) [sssd[pam]] [sss_ncache_check_str] (0x2000):