>
> I think the better reference in the documentation is
> https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/windows_integration_guide/trust-legacy
>
> If there is a trust to an AD forest and 'ipa-adtrust-install
> --enable-compat' was called. there will be a special
Hi the list.
.I'd consider createing a permission with permission-add, but there is no
token object type.
[hicksaw@hpch2fa02 ~]$ ipa permission-add mangage-otptoken --right=all
--bindtype=permission --type=token
ipa: ERROR: invalid 'type': "token" is not an object type
Even though
Hello the List,
This turned out to be a workflow issue, we still have a problem but this
first use case works.
In the case of a user with an invalid password (none or expired) with no OTP
token they can reset their password and ask IPA to create an OTP token for
them.
1. Helpdesk
Excellent, Thank you for the help.
On Tuesday, November 21, 2017 3:01 PM, Rob Crittenden via FreeIPA-users
wrote:
Andrew Meyer via FreeIPA-users wrote:
> Ok now I am trying to add puppet to my FreeIPA environment. Following
> the instructions
>
Bind seems to work fine.
When queried about a record it logs the answer fine (even for external domains).
However it fails to answer any ipa local zone request.
e.g. resolve it own host query:
-- 8< --
21-Nov-2017 13:52:06.419 client: debug 3:
Николай Савельев via FreeIPA-users wrote:
> Hi.
> I asked about Owncloud, Zimbra, etc autentification in freeipa with AD trust.
> I was offered to use SAML.
> But I dont undestand SAML. It very dificult for me.
> I only want use LDAP for autentification as in this artikle
>
Hoi,
Anyone out there with experience of whether or not adding a replica of more
recent version (4.4.4 and 389 dir 1.3.7.5-1 up from 4.4.3 with 389
dir 1.3.5.15-2) would impact the existing servers in terms of schema or
similar?
I'm still trying to find a safe way to upgrade safely without going
On Tue, Nov 21, 2017 at 09:05:29AM +0100, Ronald Wimmer via FreeIPA-users wrote:
> Hi,
>
> in IPA I defined a user called isomeuser. This username does definitely not
> exist on the AD side.
>
> When I log in as root to an IPA client and issue the su command, I am
> isomeuser@ad.domain. If I do
On Tue, Nov 21, 2017 at 08:36:16AM +0100, Ray via FreeIPA-users wrote:
> Hi,
>
> yesterday I noticed a strange issue on a Centos 7 client running
> ipa-client-4.5.0-21.el7.centos.2.2.x86_64:
>
> My daughter tried to log in to the machine and was kicked out again after
> GNOME failed to load