[Freeipa-users] Re: Stop/Disable Apache on IdM servers

2020-10-08 Thread Rob Crittenden via FreeIPA-users
Angus Clarke via FreeIPA-users wrote: > Hello > > We have a single mesh of FreeIPA servers in several different locations, > we capture logs (apache ErrorLog directive) to a log server in each of > those locations. When auditors ask us questions we have to trawl log > servers from all locations

[Freeipa-users] Re: slapd-IPA-MYDOMAIN-COM missing configuration.

2020-10-08 Thread François Cami via FreeIPA-users
On Thu, Oct 8, 2020 at 6:27 PM Albert Szostkiewicz via FreeIPA-users wrote: > > Hi! > > My dirsrv@IPA-MYDOMAIN-COM.service on IPA server fails to start due to > missing configuration. How can I re-create one ? > > journalctl: > ds_systemd_ask_password_acl[10117]: grep: >

[Freeipa-users] Re: Adding subjectAltName when the certificate is signed

2020-10-08 Thread Rob Crittenden via FreeIPA-users
Radosław Kujawa via FreeIPA-users wrote: > Hi list. > > Is it possible to add email subjectAltName to a certificate when it is > being signed by the IPA? > > My use case is that I have CSRs generated by the users. The tool used to > generate the CSR does not allow to add me to include an email >

[Freeipa-users] Re: slapd-IPA-MYDOMAIN-COM missing configuration.

2020-10-08 Thread Albert Szostkiewicz via FreeIPA-users
Unfortunately I am unable to pinpoint what happened. No replica, some backups, but not sure how far to look for yet. dirsrv@HOME-MYDOMAIN-COM works and it's active but only dirsrv@IPA-MYDOMAIN-COM does not. I am a little bit confused as my domain is 'home.mydomain.com', therefore I wasn't sure if

[Freeipa-users] Re: Adding subjectAltName when the certificate is signed

2020-10-08 Thread Radoslaw Kujawa via FreeIPA-users
Hi. On 10/8/20 9:06 PM, Rob Crittenden via FreeIPA-users wrote: Radosław Kujawa via FreeIPA-users wrote: Hi list. Is it possible to add email subjectAltName to a certificate when it is being signed by the IPA? How would the profile know what e-mail to add? These certificates are treated

[Freeipa-users] Re: permanent service account keys for kerberos NFS share

2020-10-08 Thread Rob Verduijn via FreeIPA-users
duh it moved again https://github.com/gssapi/gssproxy/tree/main/docs the example is your answer https://github.com/gssapi/gssproxy/blob/main/docs/NFS.md Rob On Thu, 8 Oct 2020 at 19:03, Rob Verduijn wrote: > Hi, > Check this, it is already installed on your rhel/centos server, and works >

[Freeipa-users] Re: slapd-IPA-MYDOMAIN-COM missing configuration.

2020-10-08 Thread Rob Crittenden via FreeIPA-users
François Cami via FreeIPA-users wrote: > On Thu, Oct 8, 2020 at 7:00 PM Albert Szostkiewicz via FreeIPA-users > wrote: >> >> Unfortunately I am unable to pinpoint what happened. >> No replica, some backups, but not sure how far to look for yet. >> >> dirsrv@HOME-MYDOMAIN-COM >> works and it's

[Freeipa-users] Re: How to disable NTP on an ipa-server

2020-10-08 Thread Rob Crittenden via FreeIPA-users
Christopher Lamb via FreeIPA-users wrote: > Hi All >   > Last night we successfully upgraded our ipa server to OEL 7.9, and > ipa-server-4.6.8-5.el7. >   > However the ipa.service will not start, because it fails at the NTP Service. >   > All other ipa components start if we use the

[Freeipa-users] Re: How to disable NTP on an ipa-server

2020-10-08 Thread Christopher Lamb via FreeIPA-users
Hi Rob   I have fired up Apache Directory Studio, and have navigated the LDAP tree to the cn=NTP entry.   Should I be deleting the entire cn=NTP entry, with all attributes; or just the ipaConfigString "startOrder 45"?   thanks   Chris - Original message -From: Rob Crittenden via

[Freeipa-users] Re: permanent service account keys for kerberos NFS share

2020-10-08 Thread Rob Verduijn via FreeIPA-users
Hi, Check this, it is already installed on your rhel/centos server, and works great with ipa. ( in fact the lead dev is also a dev on ipa ) https://pagure.io/gssproxy Rob On Thu, 8 Oct 2020 at 18:20, Kevin Vasko via FreeIPA-users <freeipa-users@lists.fedorahosted.org> wrote: > Hello, > > We

[Freeipa-users] slapd-IPA-MYDOMAIN-COM missing configuration.

2020-10-08 Thread Albert Szostkiewicz via FreeIPA-users
Hi! My dirsrv@IPA-MYDOMAIN-COM.service on IPA server fails to start due to missing configuration. How can I re-create one ? journalctl: ds_systemd_ask_password_acl[10117]: grep: /etc/dirsrv/slapd-IPA-MYDOMAIN-COM/dse.ldif: No such file or directory ns-slapd[10122]: INFO - dse_check_file - The

[Freeipa-users] permanent service account keys for kerberos NFS share

2020-10-08 Thread Kevin Vasko via FreeIPA-users
Hello, We have an application that does some data processing on our NFS server. Users typically just ssh into a box which then has a kerberos key generated for them, which allows them access the NFS share and run the script. We are wanting to set this up in a more automated fashion. Such as

[Freeipa-users] Adding subjectAltName when the certificate is signed

2020-10-08 Thread Radosław Kujawa via FreeIPA-users
Hi list. Is it possible to add email subjectAltName to a certificate when it is being signed by the IPA? My use case is that I have CSRs generated by the users. The tool used to generate the CSR does not allow to add me to include an email subjectAltName. The problem is that private key is

[Freeipa-users] Stop/Disable Apache on IdM servers

2020-10-08 Thread Angus Clarke via FreeIPA-users
Hello We have a single mesh of FreeIPA servers in several different locations, we capture logs (apache ErrorLog directive) to a log server in each of those locations. When auditors ask us questions we have to trawl log servers from all locations as our IdM administrators might have used any of

[Freeipa-users] How to disable NTP on an ipa-server

2020-10-08 Thread Christopher Lamb via FreeIPA-users
Hi All   Last night we successfully upgraded our ipa server to OEL 7.9, and ipa-server-4.6.8-5.el7.   However the ipa.service will not start, because it fails at the NTP Service.   All other ipa components start if we use the --ignore-service-failures option.   # ipactl start

[Freeipa-users] Re: slapd-IPA-MYDOMAIN-COM missing configuration.

2020-10-08 Thread Albert Szostkiewicz via FreeIPA-users
Want to note that my domain is 'home.mydomain.com' not 'ipa.mydomain.com'

[Freeipa-users] Re: permanent service account keys for kerberos NFS share

2020-10-08 Thread Ronald Wimmer via FreeIPA-users
On 08.10.20 19:05, Rob Verduijn via FreeIPA-users wrote: duh it moved again https://github.com/gssapi/gssproxy/tree/main/docs the example is your answer https://github.com/gssapi/gssproxy/blob/main/docs/NFS.md I didn't even know this is possible. Thanks a lot! Cheers, Ronald

[Freeipa-users] Re: pki-tomcat wont start; LDAP auth failure

2020-10-08 Thread Florence Blanc-Renaud via FreeIPA-users
On 10/8/20 12:53 PM, Arjen Heidinga via FreeIPA-users wrote: Hello all! Since some time my pki-tomcat daemon can't connect to the LDAP, giving me an error (below). The root-CA was expired in the meantime, I fixed it with some hack-n-slashwork. I am not sure what credentials (none, client

[Freeipa-users] pki-tomcat wont start; LDAP auth failure

2020-10-08 Thread Arjen Heidinga via FreeIPA-users
Hello all! Since some time my pki-tomcat daemon can't connect to the LDAP, giving me an error (below). The root-CA was expired in the meantime, I fixed it with some hack-n-slashwork. I am not sure what credentials (none, client cert?) are used to connect. Does anyone have pointers? Hope I