Am Wed, Jun 09, 2021 at 07:32:49PM - schrieb thing.thing--- via
FreeIPA-users:
> Hi,
>
> I have RH's version of freeipa
> (ipa-server-4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64) working fine.
> RHEL8, RHEL7,
> Debian10.9, Ubuntu20LTS and Centos7 clients work perfectly OK to IPA OK for
>
Hi Rob,
I have reduced that timeout and will tune it further. Regarding ISE errors,
I think we can make the assumption that this is entirely an issue of the
web timeouts, I haven't seen any evidence otherwise and will have another
attempt at converting nodes tomorrow, and with a keener eye of
If no one else has any ideas, RHEL6 / Centos 6 is well obsolete so it maybe its
to old for a sssd client to work with new? I suggest do a trail run on a
"modern" Linux client version Centos 8.3 by the look of it to prove that
everything works OK. Then if no one suggests anything you might
Hi,
I have RH's version of freeipa
(ipa-server-4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64) working fine. RHEL8,
RHEL7,
Debian10.9, Ubuntu20LTS and Centos7 clients work perfectly OK to IPA OK for
users in
IPA..
For the cross domain trust however only RHEL8 and RHEL7 work. Debian10.9,
Rob,
thanks, that helped a lot.
Would be great if removing the old cert automatically was an option in
ipa-cacert-manage!
Best,
Philipp
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to
Bret Wortman via FreeIPA-users wrote:
> Looks like we're missing an LDAP connection port?
>
> [09/Jun/2021:10:02:54][localhost-startStop-1]: LdapBoundConnFactory: init
> Property internaldb.ldapconn.port missing value
>
> Full debug log is at
>
Alfred Victor wrote:
> Hi Rob,
>
> We did revert to 60s - I seem to remember some ldapsearch timing out
> previously but maybe we could still greatly reduce this with no ill
> effect. However, we saw no change in join success either way and I have
> not changed anything in Apache as I would need
Looks like we're missing an LDAP connection port?
[09/Jun/2021:10:02:54][localhost-startStop-1]: LdapBoundConnFactory: init
Property internaldb.ldapconn.port missing value
Full debug log is at
https://gist.github.com/wortmanb/7782c5c0c4318c2aec17f2eea589b567
--
Bret Wortman
Quite some time ago I added a trust to another AD domain. IIRC I added
an "external trust" for a reason I do not remember.
What is the "Non-transitive external trust to a domain in another Active
Directory forest" trust type for? Could I not just have added another
"Active Directory domain"
My misunderstanding, sorry. This is from the existing CA since that's where I
thought the problem would be. Okay, going back and looking at the debug log on
the new server to see if it's more revealing.
--
Bret Wortman
bret.wort...@damascusgrp.com
On Tue, Jun 8, 2021, at 2:27 PM, Rob
10 matches
Mail list logo