[Freeipa-users] Re: custom attributes as a part of default ipa permissions

2017-08-04 Thread Petr Fišer via FreeIPA-users
That sounds exactly like what we need. Thank you very much, Petr Fišer On 08/03/2017 06:01 PM, Alexander Bokovoy wrote: On Thu, 03 Aug 2017, Petr Fišer via FreeIPA-users wrote: Hello, We are currently deploying FreeIPA and we make use of custom attributes. We defined them in custom.py script

[Freeipa-users] Re: Failed Upgrade?

2017-08-04 Thread Florence Blanc-Renaud via FreeIPA-users
On 08/03/2017 11:13 PM, Ian Harding via FreeIPA-users wrote: On 08/03/2017 12:28 AM, Florence Blanc-Renaud wrote: On 08/02/2017 11:51 PM, Ian Harding via FreeIPA-users wrote: On 08/02/2017 12:11 AM, Florence Blanc-Renaud wrote: On 08/02/2017 01:43 AM, Ian Harding wrote: On 08/01/2017 12:03

[Freeipa-users] Re: SUDO Rules not getting processed

2017-08-04 Thread Jakub Hrozek via FreeIPA-users
On Fri, Aug 04, 2017 at 09:05:20AM -0300, Felipe Barreto Volpone via FreeIPA-users wrote: > Hi Alka, > > I think you can get useful info here: https://www.redhat.com/archives/freeipa-users/2017-May/msg00028.html Also this might be useful to pinpoint the issue:

[Freeipa-users] Correcting errors in the CA master certificate

2017-08-04 Thread Scott Stevson via FreeIPA-users
Hi all, We run IPA 3.0.0 and have a cert on the CA master expiring in about 10 days. The problem is that we mistakenly provisioned the last cert using an old hostname which means that automatically renewing the cert fails, and the IPA cert checks we run fail with... ca-error: Server at

[Freeipa-users] Re: Can’t SSH with AD user to freeipa joined Centos client

2017-08-04 Thread Alexandre Pitre via FreeIPA-users
Turns out, I'm still getting the same problem. It works right away after I force clean the sssd cache: systemctl stop sssd ; rm -f /var/lib/sss/db/* /var/log/sssd/* ; systemctl start sssd After some time, trying to log back on the same system I see the login prompt is much quicker when I type

[Freeipa-users] Re: password reset privileges

2017-08-04 Thread Rob Crittenden via FreeIPA-users
Tiemen Ruiten via FreeIPA-users wrote: > As I mentioned in my first mail, that doesn't work. For testing, I > created a new role that contains the following privileges: > > Group Administrators > Modify Group membership > Modify Users and Reset passwords > User Administrators > > Unfortunately,

[Freeipa-users] Re: Deleting revoked certs from CA master

2017-08-04 Thread Rob Crittenden via FreeIPA-users
Mark Haney via FreeIPA-users wrote: > So now that we have a nicely replicating domain and ca, I'd like to rid > myself of these revoked certificates which I tried as a way to fix the > replication and setting up of a CA. Is there a way to delete these > certs out of the store? > > You'd have

[Freeipa-users] Re: Deleting revoked certs from CA master

2017-08-04 Thread Mark Haney via FreeIPA-users
On 08/04/2017 02:19 PM, Rob Crittenden wrote: You'd have to do it using LDAP directly. There is nothing really wrong with having a few revoked certs. rob I suppose that's fine, it just offends my sense of order. Thanks for the info. -- Mark Haney Network Engineer at NeoNova 919-460-3330

[Freeipa-users] Re: SUDO Rules not getting processed

2017-08-04 Thread Felipe Barreto Volpone via FreeIPA-users
Hi Alka, I think you can get useful info here: https://www.redhat.com/archives/freeipa-users/2017-May/msg00028.html On Fri, Aug 4, 2017 at 8:31 AM, Alka Murali via FreeIPA-users < freeipa-users@lists.fedorahosted.org> wrote: > Hello, > > I have implemented a freeipa server and enrolled many

[Freeipa-users] password reset privileges

2017-08-04 Thread Tiemen Ruiten via FreeIPA-users
Hello, I set up an LDAP User Federation in Keycloak to our FreeIPA domain. Unfortunately, the password reset functionality appears to only work when the user Keycloak binds as is in the admins group. I tried both the User Administrator and helpdesk roles, but always got this error: Caused by:

[Freeipa-users] Re: Extended Schema attributes missing

2017-08-04 Thread Pavel Vomacka via FreeIPA-users
Hello, On 08/03/2017 10:12 PM, Kristian Petersen via FreeIPA-users wrote: The customizations that define the additions to the schema appear to be in the javascript file /usr/share/ipa/ui/js/plugins/chemuser/chemuser.js. It defines the additional fields we use that are causing us so much

[Freeipa-users] Re: password reset privileges

2017-08-04 Thread Tiemen Ruiten via FreeIPA-users
As I mentioned in my first mail, that doesn't work. For testing, I created a new role that contains the following privileges: Group Administrators Modify Group membership Modify Users and Reset passwords User Administrators Unfortunately, I get the same error. On 4 August 2017 at 17:40, Bob

[Freeipa-users] Re: password reset privileges

2017-08-04 Thread Bob Rentschler via FreeIPA-users
Assigning roles to your user will fix that issue. The existing "User Administrator" role may fit your needs, but I am unsure how restrictive you want to be with permissions. If you want to be more restrictive a custom role with "System: Change User password" permissions would seem to be the right

[Freeipa-users] Re: Extended Schema attributes missing

2017-08-04 Thread Alexander Bokovoy via FreeIPA-users
On Fri, 04 Aug 2017, Kristian Petersen wrote: If it helps, the python file where we customized things is included below: # Place in /usr/lib/python2.7/site-packages/ipalib/plugins/ Ok, this is location for pre-4.5 plugins. With FreeIPA 4.5 we split them into ipaserver/plugins and

[Freeipa-users] Re: IPA <-> Samba AD trust issue

2017-08-04 Thread Alexander Bokovoy via FreeIPA-users
On Fri, 04 Aug 2017, Yuri Moens via FreeIPA-users wrote: Hi I'm currently trying to set up a trust between IPA and Samba AD but I keep running into some issues. IPA is running on CentOS 7 VERSION: 4.4.0, API_VERSION: 2.213 ipa01.cloud.ymo.lab, Netbios CLOUD, domain cloud.ymo.lab Samba is