[Freeipa-users] Re: Support for Azure AD authentication with on-prem AD forest-trust identities

2024-03-15 Thread Alexander Bokovoy via FreeIPA-users
On Fri, 15 Mar 2024, Jonathan Calmels via FreeIPA-users wrote: So, I got to play around with this and implemented the "workaround" we discussed. I ended up using ksu with sshd ForceCommand to make it more seamless for users. Here are some of the issues I faced though: 1. IdP requires FAST and

[Freeipa-users] Re: Cannot enroll a 4.9 client to 4.10 server fails with PrincipalName not found

2024-03-15 Thread Rob Crittenden via FreeIPA-users
Kroon PC, Peter via FreeIPA-users wrote: > Thanks for the super fast reply! I'll do my best to reply in-line, but I'm > bound to outlook, which doesn't like it too much. > >>> Hi all! >>> >>> I'm working on updating my freeipa server from rocky 8 to 9. I'm playing >>> around with a virtual

[Freeipa-users] Re: Support for Azure AD authentication with on-prem AD forest-trust identities

2024-03-15 Thread Jonathan Calmels via FreeIPA-users
So, I got to play around with this and implemented the "workaround" we discussed. I ended up using ksu with sshd ForceCommand to make it more seamless for users. Here are some of the issues I faced though: 1. IdP requires FAST and I'm not sure how I'm supposed to configure that correctly in

[Freeipa-users] Re: ipa-setup-ca

2024-03-15 Thread Rob Crittenden via FreeIPA-users
Omar via FreeIPA-users wrote: > Here is some more info: > > WARNING: The CA service is only installed on one server ( hostname here>). > It is strongly recommended to install it on another server. > Run ipa-ca-install(1) on another master to accomplish this. > > > The

[Freeipa-users] Re: ipa-setup-ca

2024-03-15 Thread Omar via FreeIPA-users
Here is some more info: WARNING: The CA service is only installed on one server (). It is strongly recommended to install it on another server. Run ipa-ca-install(1) on another master to accomplish this. The ipa-replica-install command was successful That was from the replica install, here is

[Freeipa-users] Re: ipa-setup-ca

2024-03-15 Thread Omar via FreeIPA-users
for the context: I fixed my master IPA server, with all new and valid certs (server & CA chain). I installed two replicas, both installed successfully, but when I try to run the ipa-ca-install they both fail. Thoughts? On Thu, Mar 14, 2024 at 9:28 AM Florence Blanc-Renaud wrote: > Hi, > > On

[Freeipa-users] Re: ipa-setup-ca

2024-03-15 Thread Omar via FreeIPA-users
Hello Flo, I have installed the CA and also run the certupdate, but it is still not working. Here is the log: 2024-03-15T16:06:58Z CRITICAL Failed to configure CA instance 2024-03-15T16:06:58Z CRITICAL See the installation logs and the following files/directories for more information:

[Freeipa-users] Re: Cannot enroll a 4.9 client to 4.10 server fails with PrincipalName not found

2024-03-15 Thread Kroon PC, Peter via FreeIPA-users
Thanks for the super fast reply! I'll do my best to reply in-line, but I'm bound to outlook, which doesn't like it too much. >> Hi all! >> >> I'm working on updating my freeipa server from rocky 8 to 9. I'm playing >> around with a virtual machines as playground server and client, since I'd >>

[Freeipa-users] Re: Cannot enroll a 4.9 client to 4.10 server fails with PrincipalName not found

2024-03-15 Thread Rob Crittenden via FreeIPA-users
Kroon PC, Peter via FreeIPA-users wrote: > Hi all! > > I'm working on updating my freeipa server from rocky 8 to 9. I'm playing > around with a virtual machines as playground server and client, since I'd > rather not break my everything right away. As part of this, I first installed >

[Freeipa-users] Cannot enroll a 4.9 client to 4.10 server fails with PrincipalName not found

2024-03-15 Thread Kroon PC, Peter via FreeIPA-users
Hi all! I'm working on updating my freeipa server from rocky 8 to 9. I'm playing around with a virtual machines as playground server and client, since I'd rather not break my everything right away. As part of this, I first installed ipa-server version 4.10.2-8.el9_3 on the server. Then I did

[Freeipa-users] Re: ipa-setup-ca

2024-03-15 Thread Pagan, Omar via FreeIPA-users
Not sure if they did use the external CA. How can I check? //omar Omar Pagan, CISSP AAP Sr. DevOps/SysAdmin

[Freeipa-users] Re: Failed FreeIPA replica installation

2024-03-15 Thread D S via FreeIPA-users
Hi Flo, >Did I get it right that the login and commands fail on the replica but >everything is working on the master? Yes, that is correct. >If that's the case, check on the master if the users contain an >ipantsecurityidentifier. The users are replicated and should have the same >content

[Freeipa-users] Re: Failed FreeIPA replica installation

2024-03-15 Thread Florence Blanc-Renaud via FreeIPA-users
Hi, On Thu, Mar 14, 2024 at 9:50 PM D S via FreeIPA-users < freeipa-users@lists.fedorahosted.org> wrote: > I added more log info below and also applied this solution to generate > SIDs https://access.redhat.com/solutions/7052703 > Still unable to login via web UI and every ipa command fails. >