On 04/04/18 12:00, lejeczek via FreeIPA-users wrote:
hi
here I have something very easily reproducible I think.
I have two masters IPA, fist one stood alone for a while
and then I added the second server.
Then I ipa-restored the first master to a data backup from
a day or two before second
On 04/04/18 09:36, Florence Blanc-Renaud wrote:
On 04/03/2018 08:37 PM, lejeczek wrote:
On 29/03/18 12:43, Florence Blanc-Renaud wrote:
On 03/28/2018 12:42 PM, lejeczek via FreeIPA-users wrote:
hi guys,
I fail to troubleshoot this here:
$ ipactl start --ignore-service-failures
Starting
hi
here I have something very easily reproducible I think.
I have two masters IPA, fist one stood alone for a while and
then I added the second server.
Then I ipa-restored the first master to a data backup from a
day or two before second master was added and now:
...
Starting pki-tomcatd
So I made the change to 2 server, 1 in Amazon and 1 in my local office. I am
seeing high offset/drift from ntp in prometheus (alerting system). And
anything to my local office from AWS has high delay and offset. However when I
check out the local office I see the exact opposite.
On 04/04/18 12:43, Florence Blanc-Renaud wrote:
On 04/04/2018 12:37 PM, lejeczek via FreeIPA-users wrote:
On 04/04/18 09:36, Florence Blanc-Renaud wrote:
On 04/03/2018 08:37 PM, lejeczek wrote:
On 29/03/18 12:43, Florence Blanc-Renaud wrote:
On 03/28/2018 12:42 PM, lejeczek via
On 04/04/18 12:43, Florence Blanc-Renaud wrote:
You need to check which server is your renewal master (ipa
config-show | grep 'IPA CA renewal master'), then make
sure that the certs were properly renewed on this master
(check consistency between /etc/pki/pki-tomcat/alias, the
certs in
Afternoon all
I’ve got a slightly strange one with one of our FreeIPA clusters, whereby the
topology suffixes appear to have disappeared.
From what I can see, this is causing replication issues between the hosts,
which is causing us issues with bootstrapping new clients against FreeIPA.
I’m
Alka Murali wrote:
> Hi Rob,
>
> I am planning to revert my existing third party SSL certs for HTTP and
> LDAP Services back to CertMonger cert. Is there any way to revert the
> certs back to CertMonger certs.
Are you sure the certs exist and are valid?
There is no automated way to do it.
Greetings,
My organization is working to remove the need for passwords for its
end-users. While moving forward on this project I have noticed after
logging into a system the user is never given a TGT after login. A TGT
can be obtained by using kinit and entering a password, but this defeats
On ke, 04 huhti 2018, Michael Rainey (Contractor, Code 7320) via FreeIPA-users
wrote:
Greetings,
My organization is working to remove the need for passwords for its
end-users. While moving forward on this project I have noticed after
logging into a system the user is never given a TGT after
Don't drop the mailing list, please.
On ke, 04 huhti 2018, Michael Rainey (Contractor, Code 7320) wrote:
I'm talking about Kerberos. Logging into the system is not an issue.
How do I obtain a Ticket Granting Ticket (TGT) without having to
execute "kinit" and enter a password.
Once I log
$ ipa-csreplica-manage del "long non-existent replica"
Unable to delete replica swir: Connect error: TLS error
-8054:You are attempting to import a cert with the same
issuer/serial as an existing cert, but that is not the same
cert.
Would you gents know where to start troubleshooting?
many
I am in the process of switching a small network over from a DNS hosted on
a pfSense firewall appliance to one handled by FreeIPA. I haven't got a
lot of expereience with DNS in this regard. When I made the cut over,
everything seemed to work except for a trio of websites all hosted from
this one
On ti, 03 huhti 2018, Zarko Dudic via FreeIPA-users wrote:
Hi there,
Seems I have to kinit every time in order to run ipa command, as a
quick fix!?
The client is ipa-client-4.5.0-22.0.1.el7_4.x86_64
Servers are ipa-server-4.4.0-12.0.1.el7.x86_64
This has started recently and I am not able
On 04/03/2018 08:37 PM, lejeczek wrote:
On 29/03/18 12:43, Florence Blanc-Renaud wrote:
On 03/28/2018 12:42 PM, lejeczek via FreeIPA-users wrote:
hi guys,
I fail to troubleshoot this here:
$ ipactl start --ignore-service-failures
Starting Directory Service
Starting krb5kdc Service
Starting
On 04/04/18 09:36, Florence Blanc-Renaud wrote:
On 04/03/2018 08:37 PM, lejeczek wrote:
On 29/03/18 12:43, Florence Blanc-Renaud wrote:
On 03/28/2018 12:42 PM, lejeczek via FreeIPA-users wrote:
hi guys,
I fail to troubleshoot this here:
$ ipactl start --ignore-service-failures
Starting
16 matches
Mail list logo