[Freeipa-users] "message" -> "Insufficient access: Insufficient 'write' privilege to the 'userPassword' attribute

2018-10-18 Thread Thomas Höll via FreeIPA-users
Hi All, I've been building a password self service application which talks to the FreeIPA REST API to reset a user's password. This is working perfectly when I use the 'admin' user to perform the operation, but I don't want to do that in production because of reasons. So I've created a dedicated

[Freeipa-users] ipa.service "fails" to start

2018-10-18 Thread Z D via FreeIPA-users
Hi there, This is el7.3 running ipa-server 4.4.0 release 12.0.1.el7. After reboot I couldn't start ipa service via systemctl, hence I run "ipactl start --ignore-service-failures" and this was kind of successful. I still have some discrepancies, and looking for troubleshooting ideas. 1.

[Freeipa-users] Re: Export CA from FreeIPA to new FreeIPA

2018-10-18 Thread Fraser Tweedale via FreeIPA-users
On Thu, Oct 18, 2018 at 10:00:20AM -0400, Ralph Crongeyer via FreeIPA-users wrote: > Hi Fraser, > Actually my goal would be to have two identical stand alone servers. For > instance maybe add a server as a replica and then separate them from each > other, or maybe export the CA's and issued certs

[Freeipa-users] Re: ipa-replica-manage --force replica.server fails

2018-10-18 Thread Rob Crittenden via FreeIPA-users
Ralph Crongeyer via FreeIPA-users wrote: > Hi List, > I have a master server that had a replica installed. The replica has > been uninstalled. When I try to run "ipa-replica-manage del --force > replica.server" it fails with: > invalid 'PKINIT enabled server': all masters must have IPA master role

[Freeipa-users] ipa-replica-manage --force replica.server fails

2018-10-18 Thread Ralph Crongeyer via FreeIPA-users
Hi List, I have a master server that had a replica installed. The replica has been uninstalled. When I try to run "ipa-replica-manage del --force replica.server" it fails with: invalid 'PKINIT enabled server': all masters must have IPA master role enabled How can I delete this replica? Thanks,

[Freeipa-users] Remove a replica without DNS from a master with DNS

2018-10-18 Thread Ralph Crongeyer via FreeIPA-users
Hello List, I'm trying to remove a replica without the DNS component installed from a master with the DNS component installed. Every time I remove the replica from the master (ipa-replica-manage del replica.server.com) I can no longer log into the web UI of the replica. Additionally when I try to

[Freeipa-users] Re: LDAP replica + Sub-CA on one FreeIPA server

2018-10-18 Thread Rob Crittenden via FreeIPA-users
Dmitry Perets via FreeIPA-users wrote: > Hi, > > I am considering FreeIPA for a multi-site project, to provide both PKI and > LDAP services. > So ideally, I would like to have one separate FreeIPA server on each site + > one central FreeIPA server. > And this is what I have in mind: > 1. The

[Freeipa-users] LDAP replica + Sub-CA on one FreeIPA server

2018-10-18 Thread Dmitry Perets via FreeIPA-users
Hi, I am considering FreeIPA for a multi-site project, to provide both PKI and LDAP services. So ideally, I would like to have one separate FreeIPA server on each site + one central FreeIPA server. And this is what I have in mind: 1. The central FreeIPA server will be my master for

[Freeipa-users] Re: New FreeIPA Server Setup

2018-10-18 Thread Rob Crittenden via FreeIPA-users
Ben Archuleta via FreeIPA-users wrote: > Hello All, > > I am in the process of setting up a FreeIPA server to replace an ancient > NIS (last updated in 2013-ish). I can manually recreate the accounts > (about 280) for the most part but the issue I can’t seem to work around > is migrating the

[Freeipa-users] Re: New FreeIPA Server Setup

2018-10-18 Thread Florence Blanc-Renaud via FreeIPA-users
On 10/18/18 4:34 PM, Ben Archuleta via FreeIPA-users wrote: Hello All, I am in the process of setting up a FreeIPA server to replace an ancient NIS (last updated in 2013-ish). I can manually recreate the accounts (about 280) for the most part but the issue I can’t seem to work around is

[Freeipa-users] Re: Diagnose cause of Directory Services failure

2018-10-18 Thread Mike Conner via FreeIPA-users
Thank you! The descriptions of the issue that I found do reflect what I experienced: https://pagure.io/389-ds-base/issue/49815 https://bugzilla.redhat.com/show_bug.cgi?id=1605554 DS Version: 389-ds-base-1.3.7.5-24.el7_5.x86_64 I've applied your recommended solution and will report back if the

[Freeipa-users] New FreeIPA Server Setup

2018-10-18 Thread Ben Archuleta via FreeIPA-users
Hello All, I am in the process of setting up a FreeIPA server to replace an ancient NIS (last updated in 2013-ish). I can manually recreate the accounts (about 280) for the most part but the issue I can’t seem to work around is migrating the passwords over. From what I can tell there is no way

[Freeipa-users] Re: Export CA from FreeIPA to new FreeIPA

2018-10-18 Thread Ralph Crongeyer via FreeIPA-users
Hi Fraser, Actually my goal would be to have two identical stand alone servers. For instance maybe add a server as a replica and then separate them from each other, or maybe export the CA's and issued certs and then import them to a new server. But I'm not sure how to do either of those. I did try