[Freeipa-users] adjustment for nsslapd-changelogcompactdb-interval

2024-07-18 Thread seojeong kim via FreeIPA-users
The current value of nsslapd-changelogcompactdb-interval is 30 days. We have 10 core servers. Can this value be configured with a different value for each server? Because recently I experience core crashed because of 'out of available lock entries' and 'db error - 12 Cannot allocate memo

[Freeipa-users] adjustment of 'nsslapd-changelogcompactdb-interval', nsslapd-db-locks

2024-07-18 Thread seojeong kim via FreeIPA-users
The current value of nsslapd-changelogcompactdb-interval is 30 days. We have 10 core servers. Can this value be configured with a different value for each server? Because recently I experience core crashed because of 'out of available lock entries' and 'db error - 12 Cannot allocate memo

[Freeipa-users] Re: GSSAPI authentication failure

2024-07-18 Thread Bryan Carroll via FreeIPA-users
(Resending this email, files were too large) Sorry for the delayed reply. I was on vacation for a few days. > Please show us the KDC log when you are provoking a failure. I'm attaching the slapd access, slapd error, krb5kdb.log and kadmind.log. The only thing of note I see in those logs is in t

[Freeipa-users] Re: Plugin API Reference or Detailed Documentation

2024-07-18 Thread Rob Crittenden via FreeIPA-users
F B via FreeIPA-users wrote: > Background: > I have a working FreeIPA setup that incorporates NFSv4 shares from a NAS > utilising Kerberos. Part of this setup was creating an Object Class with two > attributes. In order to streamline the process of configuring the attributes > during user creati

[Freeipa-users] Plugin API Reference or Detailed Documentation

2024-07-18 Thread F B via FreeIPA-users
Background: I have a working FreeIPA setup that incorporates NFSv4 shares from a NAS utilising Kerberos. Part of this setup was creating an Object Class with two attributes. In order to streamline the process of configuring the attributes during user creation, I've created a plugin by scraping t

[Freeipa-users] Re: `ipa-acme-manager --enable` command failed on master replica

2024-07-18 Thread Rob Crittenden via FreeIPA-users
Vadim Dobroskokin via FreeIPA-users wrote: > `ipa-acme-manager --enable` command failed on master replica. > On other replicas, the command completes successfully. > > FreeIPA 4.11, RockyLinux 9.4 > > Output fragment from failed command: > > ``` > ipaserver.masters: DEBUG: Discovery: available s

[Freeipa-users] Re: FIPS Advice

2024-07-18 Thread Rob Crittenden via FreeIPA-users
Patterson, David via FreeIPA-users wrote: > Hello, > > I have an existing environment with three Idm servers running RHEL 8.10 > running 4.9.13-10 ipa-server version with FIPS disabled. > > I’ve been asked to enable FIPS. > > I’ve done enough googling to know you can’t just

[Freeipa-users] Re: How does RBAC work?

2024-07-18 Thread Rob Crittenden via FreeIPA-users
Francis Augusto Medeiros-Logeay wrote: > > >> On 15 Jul 2024, at 19:44, Rob Crittenden wrote: >> >> Francis Augusto Medeiros-Logeay via FreeIPA-users wrote: >>> Ok, I am not sure how this works: >>> >>> I created this user, called biding. I want it to be able to create >>> users on FreeIPA, mail

[Freeipa-users] Re: User certificate for vpn logins

2024-07-18 Thread Rob Crittenden via FreeIPA-users
Chris Kross via FreeIPA-users wrote: > Hello to all! > > I'm trying a lot to set up a Firewall vpn login with certificates generated > by the FreeIPA server, but I'm stuck now. > I have the user certificate generated by the FreeIPA and the firewall > generate the CSR then imported on the FreeI

[Freeipa-users] sidgen_task fails with SID conflict

2024-07-18 Thread Basile Pinsard via FreeIPA-users
Hi, I had an existing instance of freeipa that went broken so badly (pki-tomcat unrecoverable) that the only option was spinning up a new one and `ipa migrate-ds` from the broken one. The new instance was set to reuse the same id-range as the previous one, so all is good for the users in that

[Freeipa-users] Re: Authentication failures on a RHEL 9.2 IPA server

2024-07-18 Thread Basile Pinsard via FreeIPA-users
Hi, I have a similar issue after reimporting user with migrate-ds including users in a legacy range. I created the id-range to contain these users ids, but some users show an error similar to the one described above. Did you manage to fix it? When running the sidgen task after setting the range

[Freeipa-users] `ipa-acme-manager --enable` command failed on master replica

2024-07-18 Thread Vadim Dobroskokin via FreeIPA-users
`ipa-acme-manager --enable` command failed on master replica. On other replicas, the command completes successfully. FreeIPA 4.11, RockyLinux 9.4 Output fragment from failed command: ``` ipaserver.masters: DEBUG: Discovery: available servers for service 'CA' are ipa01.example.com, ipa11.example