[Freeipa-users] Re: Make custom attribute fail in UI and SAVE Button

On 11/09/2017 09:18 AM, barry...@gmail.com wrote: Now work at certain area limitation: It can update successfully  BUT no view on UI  , then I tried replace "textarea" as before it come a big field but also no view my result. ( but it really updated) Could you please reformulate it? I'm not

[Freeipa-users] Question about FreeIPA-pki-tomcatd fails to start

Dear, I encountered an issue on FreeIPA, could someone give some suggestion? thanks ahead~ ipactl start Starting Directory Service Staring krb5kdc service Staring kadmin Service … Starting pki-tomcatd Service Failed to start pki-tomcatd server .. The Linux version is CentOS7.2

[Freeipa-users]Reply：Question about FreeIPA-pki-tomcatd fails to start

Hi, Thanks ('Rob Crittenden' ) to inform me that /var/lib/pki/pki-tomcat/logs/ca/signedAudit not exsited. By "mkdir -p /var/lib/pki/pki-tomcat/logs/ca/signedAudit" automatically, pki-tomcatd can be started normally. - 原始邮件 - 发件人：None via FreeIPA-users

[Freeipa-users] Re: Make custom attribute fail in UI and SAVE Button

The will disappear after saved pressed . it will chnage to in ldap but the UI field blank not store. define(['freeipa/phases','freeipa/user'], function(phases, user_mod) { // helper function function get_item(array, attr, value) { for (var i=0,l=array.length; i

[Freeipa-users] Re: Make custom attribute fail in UI and SAVE Button

On to, 09 marras 2017, barrykfl--- via FreeIPA-users wrote: Hi: May be I missed write something on JSON.. But I can use in command shell successfully. ipa user-mod apigee --setattr comDate= then ldap will appear user-show all will see. Any reference link if I missed ? See

[Freeipa-users] Re: Make custom attribute fail in UI and SAVE Button

Now work at certain area limitation: It can update successfully BUT no view on UI , then I tried replace "textarea" as before it come a big field but also no view my result. ( but it really updated) section.fields.push({ flags: ['w_if_no_aci'], $type: 'multivalued', name:

[Freeipa-users] Re: Make custom attribute fail in UI and SAVE Button

On 11/09/2017 10:34 AM, barry...@gmail.com wrote: The will disappear after saved pressed . it will chnage to in ldap but the UI field blank not store. Now I understand, thank you. Could you please show me how you specified this new option in python code? Or you can check API

[Freeipa-users] Re: Make custom attribute fail in UI and SAVE Button

On 11/09/2017 09:00 AM, barry...@gmail.com wrote: Add like this ...now the label gone nothing shown.  section.fields.push({   flags: ['w_if_no_aci']    $type: 'multivalued',    name: 'comDate',   label: 'Commencement Date'     }); Yes, that's because of missing colon at the end of

[Freeipa-users] Re: sudoers issues

Ok so I did that and the rules are coming down just like I thought: [user1@jira02 ~]$ sudo -lMatching Defaults entries for rob.lloyd on jira02:    !visiblepw, always_set_home, match_group_by_gid, env_reset, env_keep="COLORS DISPLAY HOSTNAME HISTSIZE KDEDIR LS_COLORS", env_keep+="MAIL PS1 PS2

[Freeipa-users] Re: sudoers issues

Remember, we don’t have new rules. We just use sudo for sudo to root. So we just have a static rule based on a group, with the group in IPA. On Nov 9, 2017, at 9:57 AM, Andrew Meyer > wrote: Charles, Not sure my boss wants to do it that way.

[Freeipa-users] Re: Encoding Error in Initial Replication

Hello, freeIPA 3.x is no longer supported, you need to update it. The same to Fedora. On 11/09/2017 01:38 PM, Nevada Sanchez via FreeIPA-users wrote: I've been trying to set up a replica for a FreeIPA server (3.3.5 on Fedora 19) and am running into what appears to be an encoding issue on the

[Freeipa-users] Encoding Error in Initial Replication

I've been trying to set up a replica for a FreeIPA server (3.3.5 on Fedora 19) and am running into what appears to be an encoding issue on the server as it tries to deliver data to the replica. It is line 9 below: [09/Nov/2017:12:34:08 +] NSMMReplicationPlugin - conn=1275 op=7

[Freeipa-users] Re: [Freeipa-users]Re: Trouble with AD Trust

Thanks, Dave, but time sync doesn't appear to be an issue. The official instructions' tests to see whether SRV records work. On the Windows side, if I attempt to create a trust, it throws the error: "The Local Security Authority is unable to obtain an RPC connection to the Active Directory

[Freeipa-users] Trouble with AD Trust

I have FreeIPA and Active Directory on our network and am attempting to follow the [ https://www.freeipa.org/page/Active_Directory_trust_setup | official instructions ] for getting a trust set up. I'm down to the section where I run ipa trust-add to set up the trust. I've set up and verified

[Freeipa-users] Re: Trouble with AD Trust

Hello Justin, While waiting on a response from the more experienced on here than I. I would double check time sync is correct between AD DC and IPA DC. Also; The AD DC will do a _srv_ record lookup for the IPA DC then attempt connection to the Samba instance on said IPA DC from my understanding.

[Freeipa-users] Re: Question about FreeIPA-pki-tomcatd fails to start

On 11/09/2017 09:16 AM, None via FreeIPA-users wrote: Dear, I encountered an issue on FreeIPA, could someone give some suggestion? thanks ahead~ ipactl start Starting Directory Service Staring krb5kdc service Staring kadmin Service … Starting pki-tomcatd Service Failed to start

[Freeipa-users] Listing groups in FreeIPA

Hey all, Is there a way to get a list of all of the groups in FreeIPA using the python API? -- Kristian Petersen System Administrator Dept. of Chemistry and Biochemistry ___ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To

[Freeipa-users] Re: Trouble with AD Trust

On to, 09 marras 2017, Justin Smith via FreeIPA-users wrote: Oh, right - I had forgotten about that. It still throws the same error. I even tried turning the firewalls completely off in case I accidentally missed something. You need to generate debug logs to see what's happening and share they

[Freeipa-users] Re: Trouble with AD Trust

On to, 09 marras 2017, Justin Smith via FreeIPA-users wrote: I have FreeIPA and Active Directory on our network and am attempting to follow the [ https://www.freeipa.org/page/Active_Directory_trust_setup | official instructions ] for getting a trust set up. I'm down to the section where I run

[Freeipa-users] Re: Trouble with AD Trust

Oh, right - I had forgotten about that. It still throws the same error. I even tried turning the firewalls completely off in case I accidentally missed something. --- Justin Smith IT Analyst MIM Software, Inc. [ https://www.mimsoftware.com/ | https://www.mimsoftware.com ] - Original

[Freeipa-users] Re: Encoding Error in Initial Replication

Thanks. I'm actually trying to upgrade to 4.5, and I'm following instructions for migrating to new platform/OS, which involves preparing and then installing a replica on the new platform (which is IPA 4.5/fedora 26). Anyway, I did manage to trace the encoding error to entries in LDAP that don't

[Freeipa-users] Re: ipa host-del fail

It looks like your krb5.conf is missing the default realm setting. Is the machine you are running commands from joined? Either way kinit ad...@realm.com should work. The uppercase matters for Kerberos. > On Nov 9, 2017, at 8:53 PM, None via FreeIPA-users >

[Freeipa-users]回复：Re: ipa host-del fail

Thanks, Rob.I ran the command one another node and it worked for me. None via FreeIPA-users wrote: > Dear, > > I am trying to install replica by "ipa-replica-install > replica-info-namenode2.hadoop.gxdwdc.gpg" but it failed, > > ipa-replica-install replica-info-namenode2.hadoop.gxdwdc.gpg >

[Freeipa-users] ipa host-del fail

Dear, I am trying to install replica by "ipa-replica-install replica-info-namenode2.hadoop.gxdwdc.gpg" but it failed, ipa-replica-install replica-info-namenode2.hadoop.gxdwdc.gpg...The host namenode2.hadoop.gxdwdc already exists on the master server.You should remove it before procedding:

[Freeipa-users] Re: ipa host-del fail

None via FreeIPA-users wrote: > Dear, > > I am trying to install replica by "ipa-replica-install > replica-info-namenode2.hadoop.gxdwdc.gpg" but it failed, > > ipa-replica-install replica-info-namenode2.hadoop.gxdwdc.gpg > ... > The host namenode2.hadoop.gxdwdc already exists on the master

[Freeipa-users] Re: ldap cache

This would necessarily refetching rules this would clearing out the cache of the ldap database on the client system.  Sorry if I was cryptic. I know if you use openldap you can set a timeout for it refresh the database.  Is there a way to do that w/ FreeIPA? On Thursday, November 9, 2017

[Freeipa-users] Re: sudo not working with hostgroups

Hi Aaron, I found this information very helpful for debugging a CentOS 7 box that is having the same problem, thank you. On my box, sudo over SSSD is working, but not with host groups, only with specific hosts listed. So there's some problem with the host expansion as you point out, but I'm

[Freeipa-users] Re: Make custom attribute fail in UI and SAVE Button

Add like this ...now the label gone nothing shown. section.fields.push({ flags: ['w_if_no_aci'] $type: 'multivalued', name: 'comDate', label: 'Commencement Date' }); 2017-11-09 15:50 GMT+08:00 Pavel Vomacka : > > > On 11/09/2017 08:36 AM,