[Freeipa-users] Re: Keycloak with FreeIPA federation / expired Password

Hey, m-( thanks a bunch that did the trick. Now everything works smoothly as expected, thanks! Is there some place this is documented? Besides the extensive Manual on how to set it up with AD I did not find any documentation on this procedure. Anyways, thanks a lot for guiding me. Jonatan Am

[Freeipa-users] Add new Identity Settings for users Freeipa

Good day! I setup integration Freeipa with Jamf. I mapped default user attributes from Identity Settings like: Job Title First name Last name Email In Jamf i have more user attributes (Department, Building). My question is How i can mapping user attributes form Employee Information to

[Freeipa-users] Re: Fail to login to IPA server after installation with IPA accounts

On Mon, Mar 23, 2020 at 05:37:07PM -, Scott Reed via FreeIPA-users wrote: > Hi, > > I'm running a single server with multiple clients. The OS is Centos 7. When > I installed the server, I created the accounts and then installed the > clients. Overall, the installations went great, and I

[Freeipa-users] Re: Fail to login to IPA server after installation with IPA accounts

No, the home directory for admin1 was not created. Scott ___ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct:

[Freeipa-users] FreeIPA translations system is moving to Weblate

Hi, this is mostly a message to all kind people who help us to localize FreeIPA interfaces. Fedora Project decided to switch from Zanata to Weblate for their translation project. This means we are asked to migrate from Zanata server too. As of yesterday, we made the last cut of content from the

[Freeipa-users] Re: Fail to login to IPA server after installation with IPA accounts

On Tue, Mar 24, 2020 at 11:59:59AM -, Scott Reed via FreeIPA-users wrote: > No, the home directory for admin1 was not created. Hi, so I guess a line like session optional pam_oddjob_mkhomedir.so umask=0077 is missing in e.g /etc/pam.d/password-auth in the IPA server while it

[Freeipa-users] Re: Fail to login to IPA server after installation with IPA accounts

Sumit, Why would I not want to login to the server with IPA accounts? I can control their access privileges with the IPA policies. Thanks, Scott ___ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to

[Freeipa-users] Getting shell to IdM client via AD credentials takes very long time

We have a large AD environment, which our IdM / FreeIPA servers authenticate users out of. The issue I'm trying to address is that it takes a very long time (upwards of 15-20+ seconds) to get a shell on any IdM client server. Our IdM servers are RHEL 7 boxes, using RHEL repositories: Installed

[Freeipa-users] Re: Fail to login to IPA server after installation with IPA accounts

On Tue, Mar 24, 2020 at 02:54:53PM -, Scott Reed via FreeIPA-users wrote: > Sumit, > > Why would I not want to login to the server with IPA accounts? I can control > their access privileges with the IPA policies. Hi, sure, I just wanted to point out that pam_oddjob_mkhomedir.so is not

[Freeipa-users] Re: IPA DNS ACL (respond with a different IP depending on the requester)

On ti, 24 maalis 2020, Daniel PC via FreeIPA-users wrote: I would like to configure DNS to respond with a different IP depending on the requester source IP. Bind allow it using ACL. Do you know if it is possible to implement this feature on IPA integrated DNS? Can you show bind's equivalent

[Freeipa-users] Re: Getting shell to IdM client via AD credentials takes very long time

On ti, 24 maalis 2020, White, David via FreeIPA-users wrote: When I ssh, it takes about that long before it even prompts me for my username. Then it takes a few more seconds to authenticate me after I type in my password. I need to correct myself here. When I SSH, it prompts for a username

[Freeipa-users] IPA DNS ACL (respond with a different IP depending on the requester)

I would like to configure DNS to respond with a different IP depending on the requester source IP. Bind allow it using ACL. Do you know if it is possible to implement this feature on IPA integrated DNS? thank you ___ FreeIPA-users mailing list --

[Freeipa-users] Re: Getting shell to IdM client via AD credentials takes very long time

> When I ssh, it takes about that long before it even prompts me for my > username. > Then it takes a few more seconds to authenticate me after I type in my > password. I need to correct myself here. When I SSH, it prompts for a username immediately. When I enter the username, it then takes

[Freeipa-users] Re: Fail to login to IPA server after installation with IPA accounts

On ti, 24 maalis 2020, Scott Reed via FreeIPA-users wrote: Sumit, Why would I not want to login to the server with IPA accounts? I can control their access privileges with the IPA policies. This is fully under your control. See man page for ipa-server-install(1), it describes all options.

[Freeipa-users] Re: IPA DNS ACL (respond with a different IP depending on the requester)

I confirm my configuration have something like: view test1 { match-clients{ ...;}; }; view test2 { match-clients{ ...;}; }; Any suggestion as alternative to views? Thank you ___ FreeIPA-users mailing list --

[Freeipa-users] Re: Fail to login to IPA server after installation with IPA accounts

Thanks. That answers my question. ___ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: