[Freeipa-users] ipa-server-4.5.4-10.0.1.el7_5.1: ns-slapd segfaults, error in libtcmalloc.so.4.4.5, libkrb5.so.3, libc-2.17.so

Hi We upgraded from 7.5 from 7.4 yesterday (from ipa-server-4.5.0-21.0.1.el7_4.1.2.x86_64 to ipa-server-4.5.4-10.0.1.el7_5.1.x86_64) I have a 2 replica setup, both are upgraded (Nothing failed during upgrade), with an AD trust setup. This happens on both of my replicas (seems they are not crashin

[Freeipa-users] FreeIPA --> Keycloak --> simplesamlphp --> edugain

Hi, I'm using Keycloak to connect to FreeIPA and create a user federation, I'm mapping several attributes from FreeIPA, among them is eduPersonTargetedID (EPTID). This EPTID is used to connect to a saml client and then as one of the attributes used in the edugain inter-federation. The issue is

[Freeipa-users] Re: Two way trust setup issue

On ti, 29 touko 2018, Merritt, Todd R - (tmerritt) via FreeIPA-users wrote: Hi, I'm trying to establish a two way trust with an AD domain and seem to be running into some issues. I am able to establish a one way trust following the guide

[Freeipa-users] Re: Error after migration all user from ldap

As too long log enclosed in a txt file, the log related to use admin to login find aaron and then del , user not found, 0 entry updated. (row335) Realm is same. seem not bind .. 2018-05-29 22:18 GMT+08:00 : > admin ….but this is new IPA 4.0 admin not IPA 3.0 admin ….BUT I tried del > IPA4.0 's a

[Freeipa-users] Two way trust setup issue

Hi, I'm trying to establish a two way trust with an AD domain and seem to be running into some issues. I am able to establish a one way trust following the guide at https://www.freeipa.org/page/Active_Directory_trust_setup without any issues. When I destroy that trust and try to

[Freeipa-users] Re: Error after migration all user from ldap

admin ….but this is new IPA 4.0 admin not IPA 3.0 admin ….BUT I tried del IPA4.0 's admin and migrated 3.0 one which follow old same ID ..same situation occur. del fail. 2018-05-29 22:17 GMT+08:00 Barry : > admin ….but this is new IPA 4.0 admin not IPA 3.0 admin ….BUT I tried del > IPA4.0 's admi

[Freeipa-users] Re: Error after migration all user from ldap

admin ….but this is new IPA 4.0 admin not IPA 3.0 admin ….BUT I tried del IPA4.0 's admin and migrated 3.0 one which follow old same ID ..same situation occur. del fail. 2018-05-29 21:33 GMT+08:00 Florence Blanc-Renaud : > On 05/29/2018 12:26 PM, barrykfl--- via FreeIPA-users wrote: > >> >> Hi :

[Freeipa-users] Re: Promoting CA replica to master

Hi Florence, Let me give more info about our FreeIPA infraestructure. We have 8 servers in different zones, 2 per zone. Last year we installed the first two IPAs, one from scratch and the other its first replica, and both with DNS and CA. CA certificates generated by IPA itself, no external ones.

[Freeipa-users] Re: Error after migration all user from ldap

On 05/29/2018 12:26 PM, barrykfl--- via FreeIPA-users wrote: Hi : I migrated use commands form ipa 3 to ipa 4  ipa migrate-ds --user-container=cn=users,cn=accounts --group-container=cn=groups,cn=accounts --with-compat ldap://abc.cde.com:389 Fine I saw everything

[Freeipa-users] Re: Promoting CA replica to master

On 05/29/2018 01:14 PM, Carlos Fernández Manteiga via FreeIPA-users wrote: Hi, We've created a new replica from our FreeIPA infrastructure, with CA capabilities. Now we want it to be the CA renewal master, as it's written here: https://www.freeipa.org/page/Howto/Promote_CA_to_Renewal_and_CRL_Ma

[Freeipa-users] Promoting CA replica to master

Hi, We've created a new replica from our FreeIPA infrastructure, with CA capabilities. Now we want it to be the CA renewal master, as it's written here: https://www.freeipa.org/page/Howto/Promote_CA_to_Renewal_and_CRL_Master However, the first step, knowing which is the present master, is blocki

[Freeipa-users] Error after migration all user from ldap

Hi : I migrated use commands form ipa 3 to ipa 4 ipa migrate-ds --user-container=cn=users,cn=accounts --group-container=cn=groups,cn=accounts --with-compat ldap://abc.cde.com:389 Fine I saw everything work entries there ...but I want del account it said user not found.. (Modify info is ok) ..