[Freeipa-users] VPN -> Radius -> IPA Using two factor authentication

Hi All, I'm trying to set up a Cisco/Meraki VPN appliance to authenticate to FreeIPA using two factor authentication (I have Google Authenticator and Yubikey set up and working in FreeIPA) Meraki can do Radius to authenticate a user I've set up a FreeRadius server and set it up to use FreeIPA

[Freeipa-users] CA install fails

I've tried installing in two different waysfirst as a part of full replica install. IE ipa-replica-install --setup-ca --no-forwarders  -p replica.gpg this failed on step 8  [8/27]: starting certificate server instanceipa.ipaserver.install.cainstance.CAInstance: CRITICAL Failed to restart the

[Freeipa-users] Re: NFS problems after OS updates - can't access directories

Detlev Habicht via FreeIPA-users wrote: > Ok, > > i will reduce my questions to one point: > > I was using tcpdump on NFS server side. > > When i am trying to go to a directory i can see, that the client connect > the server. > But the server don’t answer. Not any packet … > > So the server

[Freeipa-users] Re: NFS problems after OS updates - can't access directories

Ok, i will reduce my questions to one point: I was using tcpdump on NFS server side. When i am trying to go to a directory i can see, that the client connect the server. But the server don’t answer. Not any packet … So the server don’t react to the client. So where can i find or how i can

[Freeipa-users] Re: Samba update can't read NT Hash

On to, 17 elo 2017, Alexander Bokovoy via FreeIPA-users wrote: - Original Message - Yesterday we updated our fileserver to bring it up to the newest kernel. At the same time it update the ipa-client and samba. After the update was finished our ability to access the shared resources

[Freeipa-users] Kvno error on validating one-way trust: "kvno: Decrypt integrity check failed while getting credentials"

Hi All, I am setting up a one-way trust from FreeIPA server to AD domain with a pre-shared key. It seems that it was set up successfully but I cannot verify the Kerberos configuration when I follow the steps described here:

[Freeipa-users] Re: FIPA 2FA OTP+PASSWORD

On Thu, Aug 10, 2017 at 04:58:33PM +0530, saidireddy ranabothu via FreeIPA-users wrote: > Hello all, I have enabled password+OTP authentication for a user and able > to sync tokens and SSH. While ssh to server using FIPA credentials it's > asking authentication in two steps as First Factor and

[Freeipa-users] Re: HTTPD does not start when NSS enabled

On 08/15/2017 03:30 PM, Rob Crittenden via FreeIPA-users wrote: Julian Gethmann wrote: On 08/14/2017 09:51 PM, Rob Crittenden wrote: Julian Gethmann wrote: On 08/14/2017 05:46 PM, Rob Crittenden wrote: Julian Gethmann wrote: Hallo, On 08/14/2017 04:21 PM, Rob Crittenden wrote: Julian

[Freeipa-users] Re: Issues after adding Let's encrypt certificate

On 08/18/2017 05:46 PM, Sarhan Aissi via FreeIPA-users wrote: Hi, I got another error when trying the command again: trying https://ipa.example.net/ipa/json Forwarding 'ca_is_enabled' to json server 'https://ipa.example.net/ipa/json' cert validation failed for "CN=ipa.example.net"

[Freeipa-users] Re: Free IPA/LDAP migration

On 08/22/2017 07:53 AM, Mon Corotan via FreeIPA-users wrote: Hi.. Sorry for my this late update.. Thank you for responding to my query. I was able to do it on my test vm environment, replication and migration also works. I tried this process on production environment but unfortunately I am