Robbie Harwood via FreeIPA-users
writes:
> David Harvey via FreeIPA-users writes:
>
>> sudo mkdir /etc/krb5.conf.d/
>> #Apparently this is expected by ipa-server to have been generated by one of
>> the kerberos packages
Rob Foehl wrote:
> On Fri, 9 Jun 2017, I wrote:
>
>> In short, that didn't go particularly well at all, which in some ways
>> brings me back to the original as-yet-unanswered deployment question:
>>
>> Is trying to do this with an external CA worth the pain?
>
> Three attempts at this question,
David Harvey via FreeIPA-users writes:
> sudo mkdir /etc/krb5.conf.d/
> #Apparently this is expected by ipa-server to have been generated by one of
> the kerberos packages but is not..
There's a PR open for this in [1]. Since it hasn't merged, though, it's
On Thu, Jun 15, 2017 at 01:07:27PM -, john.bowman--- via FreeIPA-users
wrote:
> You'll have to forgive my ignorance here since I'm still fairly new to IPA
> and fortunately haven't run in to many issues as of yet.
>
> The three IPA 3.0 servers all have what look to be following conflicts:
Hi,
my question is not directly related to IPA, but since IPA provides underlying
authentication services, I think it almost fits here.
I have an Apache WebDAV server that authenticates via Kerberos to IPA server.
Related configuration in Apache is:
AuthTypeKerberos
# Essential
Hope this helps to save some of some time digging. And I know,
freeipa-server on a non LTS release is daft..
apt-get install freeipa-server-trust-ad
#This has been mentioned elsewhere, and it should either be a dependency OR
it's absence should not break things as it currently does
sudo mkdir
So, this problem is still causing me unable to install/build any
replica servers.
Eric
-Original Message-
Date: Tue, 13 Jun 2017 12:11:57 -0400
Subject: Re: [Freeipa-users] Re: replication problem
Cc: Mark Reynolds , Rob Crittenden
To: Rob
You'll have to forgive my ignorance here since I'm still fairly new to IPA and
fortunately haven't run in to many issues as of yet.
The three IPA 3.0 servers all have what look to be following conflicts:
$ ldapsearch -D "cn=directory manager" -w secret -b "dc=domain,dc=tld"
On Thu, Jun 15, 2017 at 04:28:13AM -, john.bowman--- via FreeIPA-users
wrote:
> After upping the log levels on sssd on one of the failing servers I saw this
> in one of the sssd log files:
>
> from sssd_pamd.log:
>
> (Wed Jun 14 23:16:05 2017) [sssd[pam]] [sss_ncache_check_str] (0x2000):