[Freeipa-users] Re: krbPrincipalExpiration and ssh keys

2022-06-02 Thread Sumit Bose via FreeIPA-users
On Thu, Jun 02, 2022 at 02:22:54PM -0400, Rob Crittenden via FreeIPA-users wrote: > Jim Kinney via FreeIPA-users wrote: > > It seems if valid ssh keys exist, the expired account status doesn't > > block login with ssh keys. Any operation that touches a password is > > blocking. > > Is there a pam

[Freeipa-users] keytab encryption settings

2022-06-02 Thread G H via FreeIPA-users
I got FreeIPA up and running but am having trouble getting it working with apache, I tried both mod_auth_mellon and mod_auth_gssapi. My goal is to have something that 1) attempts kerberos 2) falls back to user/pass auth. For mod_auth_gssapi, I am able to get SSO working with my local Firefox

[Freeipa-users] Re: After upgrade, only one direction replication while should be bi-directions replication

2022-06-02 Thread Kathy Zhu via FreeIPA-users
I found the error, will error number 18 help to fix the problem? Thanks. Kathy. [root@g-ipa1 ~]# ldapsearch -D "cn=directory manager" -W -b "cn= g-ipa1.example.com-to-h-ipa1.example.com,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config" Enter LDAP Password: # extended LDIF # # L

[Freeipa-users] Re: After upgrade, only one direction replication while should be bi-directions replication

2022-06-02 Thread Kathy Zhu via FreeIPA-users
Do you mean /etc/dirsrv/slapd-CORP-NURO-TEAM/dse.ldif file? There is no entry with RUV. Thanks. Kathy. On Thu, Jun 2, 2022 at 5:57 PM Kathy Zhu wrote: > Thanks, Mark, to identify and explain the issue. > > Could someone pass a document or article how to apply the fix/work around? > Many thanks!

[Freeipa-users] Re: After upgrade, only one direction replication while should be bi-directions replication

2022-06-02 Thread Kathy Zhu via FreeIPA-users
Thanks, Mark, to identify and explain the issue. Could someone pass a document or article how to apply the fix/work around? Many thanks! Kathy. On Thu, Jun 2, 2022 at 12:38 PM Mark Reynolds wrote: > > On 6/2/22 1:38 PM, Rob Crittenden wrote: > > Kathy Zhu via FreeIPA-users wrote: > >> Hi Team,

[Freeipa-users] Re: After upgrade, only one direction replication while should be bi-directions replication

2022-06-02 Thread Mark Reynolds via FreeIPA-users
On 6/2/22 1:38 PM, Rob Crittenden wrote: Kathy Zhu via FreeIPA-users wrote: Hi Team, We upgraded our Centos 7 IPA masters to the latest: CentOS Linux release 7.9.2009 (Core) *ipa*-server.x86_64                      4.6.8-5.el7.centos.10 *389-ds*-base.x86_64                     1.3.10.2-15.e

[Freeipa-users] Re: Extending FreeIPA (Schema, CI, UI)

2022-06-02 Thread Alexander Bokovoy via FreeIPA-users
On Thu, 02 Jun 2022, Leo O via FreeIPA-users wrote: Okay it worked, the ui fields appeared finally. But there is still an issue. When I now e.g. click on the checkbox "Mail enabled" and save it, I get an error: "IPA Error 4002: DuplicateEntry" - "Type or value exists". Looked through the logs,

[Freeipa-users] Re: Extending FreeIPA (Schema, CI, UI)

2022-06-02 Thread Leo O via FreeIPA-users
Also added change type modify etc. to the schema: https://github.com/leonidas-o/freeipa-postfixbook-plugin/commit/d7ba2c2593dbed5fca304e48972dae963b850894 But same error. Doesn't look like, that's doing anything.

[Freeipa-users] Re: krbPrincipalExpiration and ssh keys

2022-06-02 Thread Rob Crittenden via FreeIPA-users
Jim Kinney via FreeIPA-users wrote: > It seems if valid ssh keys exist, the expired account status doesn't > block login with ssh keys. Any operation that touches a password is > blocking. > Is there a pam setting in sshd that needs tweaking to deny access if > account is expired? You may want to

[Freeipa-users] krbPrincipalExpiration and ssh keys

2022-06-02 Thread Jim Kinney via FreeIPA-users
It seems if valid ssh keys exist, the expired account status doesn't block login with ssh keys. Any operation that touches a password is blocking. Is there a pam setting in sshd that needs tweaking to deny access if account is expired?

[Freeipa-users] Re: After upgrade, only one direction replication while should be bi-directions replication

2022-06-02 Thread Rob Crittenden via FreeIPA-users
Kathy Zhu via FreeIPA-users wrote: > Hi Team,  > > We upgraded our Centos 7 IPA masters to the latest:  > > CentOS Linux release 7.9.2009 (Core) > > *ipa*-server.x86_64                      4.6.8-5.el7.centos.10  > > *389-ds*-base.x86_64                     1.3.10.2-15.el7_9     > > *389-ds*-b

[Freeipa-users] Re: Password reuse not permitted on ipa-replica-prepare

2022-06-02 Thread Grant Janssen via FreeIPA-users
This issue has mutated substantially from the initial issue. I can open a new thread for my current issue, Once I changed the domain level to 1, ipa-replica-prepare no longer applies and now the method to create a replica is to promote a client. But (as detailed) this is failing for me as well.

[Freeipa-users] Re: Extending FreeIPA (Schema, CI, UI)

2022-06-02 Thread Leo O via FreeIPA-users
Okay it worked, the ui fields appeared finally. But there is still an issue. When I now e.g. click on the checkbox "Mail enabled" and save it, I get an error: "IPA Error 4002: DuplicateEntry" - "Type or value exists". Looked through the logs, but couldn't find anything useful, which points me

[Freeipa-users] Re: ca-error: Server at https://xx.com/ipa/xml failed request, will retry: -504 (libcurl failed to execute the HTTP POST transaction, explaining: SSL certificate problem: certificate h

2022-06-02 Thread rui liang via FreeIPA-users
> rui liang via FreeIPA-users wrote: > > No because of the older version you have. > > What you might be able to do if this is running on a VM is snapshot it > then bring a copy up on an isolated network so you can try the renewal > and see how long things may be offline and get the procedure dow

[Freeipa-users] Re: ca-error: Server at https://xx.com/ipa/xml failed request, will retry: -504 (libcurl failed to execute the HTTP POST transaction, explaining: SSL certificate problem: certificate h

2022-06-02 Thread rui liang via FreeIPA-users
/var/log/dirsrv/slapd-YYDEVOPS-COM/errors . [02/Jun/2022:19:34:08 +0800] - SSL alert: TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256: enabled [02/Jun/2022:19:34:08 +0800] - SSL alert: TLS_DHE_RSA_WITH_AES_128_CBC_SHA: enabled [02/Jun/2022:19:34:08 +0800] - SSL alert: TLS_DHE_DSS

[Freeipa-users] Re: ca-error: Server at https://xx.com/ipa/xml failed request, will retry: -504 (libcurl failed to execute the HTTP POST transaction, explaining: SSL certificate problem: certificate h

2022-06-02 Thread rui liang via FreeIPA-users
Hello, I want to copy a CA node. I tried many times but failed. Can you help me find out the reason? Thank you. 1:#apt install -y freeipa-server 2:root@fs-hiido-ca2-65-155:/var/log# ipa-client-install --domain=hiido.host.yydevops.com --realm=YYDEVOPS.COM --server=fs-hiido-kerberos-21-117-149.hii

[Freeipa-users] [SSSD] Announcing SSSD 2.7.1

2022-06-02 Thread Pavel Březina via FreeIPA-users
# SSSD 2.7.1 The SSSD team is proud to announce the release of version 2.7.0 of the System Security Services Daemon. The tarball can be downloaded from: https://github.com/SSSD/sssd/releases/tag/2.7.1 See the full release notes at: https://sssd.io/release-notes/sssd-2.7.1.html RPM pac