[Freeipa-users] Re: FreeIPA not working (Segfault in Kerberos) after upgrading to Fedora 29

Installed krb5-1.16.1-23.fc29 and it looks fine Thanks, Patrick ___ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct:

[Freeipa-users] Re: FreeIPA not working (Segfault in Kerberos) after upgrading to Fedora 29

Patrick Dung via FreeIPA-users writes: > Hello, After upgrading to Fedora 29, Kerberos on the primary Free IPA > is not working. Another FreeIPA replica failed to start. It is because > Kerberos (GSSAPI) is not working and ns-slapd cannot > start. Replication agreement cannot be established via

[Freeipa-users] Re: yum upgrade doesn't do IPA upgrade

Charles Hedrick via FreeIPA-users wrote: > For some reason on one of our 3 servers, yum update didn’t run the IPA > upgrade. /var/log/ipaupgrade.log was zero length. “ipactl start” noted that > an upgraded was needed, and did it. So it wasn’t a big deal. But it would be > nice for yum update to

[Freeipa-users] Re: Testing requested - certificate checking tool

Rob Crittenden via FreeIPA-users wrote: > SOLER SANGUESA Miguel via FreeIPA-users wrote: >> Hello, >> >>   >> >> I have run the tool on an environment where I’ve installed my own >> certificate for HTTPS (following this tutorial: >>

[Freeipa-users] yum upgrade doesn't do IPA upgrade

For some reason on one of our 3 servers, yum update didn’t run the IPA upgrade. /var/log/ipaupgrade.log was zero length. “ipactl start” noted that an upgraded was needed, and did it. So it wasn’t a big deal. But it would be nice for yum update to show some sign if there’s an issue. And perhaps

[Freeipa-users] IPA location on replica servers with different domain suffixes

Hi Experts, We have several IPA servers (pair of 8), and they are all replicas of each other with domain level-1. For example, -- No location set for these two servers server-1.ex1.net server-2.ex1.net -- locname1 server-1.mgmt-ex2.net server-2.mgmt-ex2.net We are using ipa version 4.5.4

[Freeipa-users] Re: Testing requested - certificate checking tool

SOLER SANGUESA Miguel via FreeIPA-users wrote: > Hello, > >   > > I have run the tool on an environment where I’ve installed my own > certificate for HTTPS (following this tutorial: > https://www.freeipa.org/page/Using_3rd_part_certificates_for_HTTP/LDAP), > and it complains when find the root

[Freeipa-users] Re: PAM OTP login requirements

Hi all, happy 2019! Any thoughts on this? Docs would be welcome as well. Thanks!! Brian > On Dec 30, 2018, at 8:17 AM, Brian Topping wrote: > > Hi all, I hope this is the best place to ask this, please let me know if not. > > I am setting up a PAM client (libreswan, using the `pluto`

[Freeipa-users] Re: Service named-pkcs11.service on replica reports error: Failed to get initial credentials (TGT) using principal 'DNS/ipa-replica.example.com' and keytab 'FILE:/etc/named.keytab' (Ge

74cmonty via FreeIPA-users writes: > Hi, > > when I start service `named-pkcs11.service` on replica server I get these > error messages: > ``` > Dez 29 17:33:28 ipa-replica.example.com named-pkcs11[3936]: Failed to get > initial credentials (TGT) using principal 'DNS/ipa-replica.example.com'