On ti, 11 heinä 2017, Andy Thompson via FreeIPA-users wrote:
We are troubleshooting an account lockout issue and came across the
error below in the windows DC event logs while investigating. They are
appearing in two of our environments, the third is quiet. These are
logged several times a minu
On ti, 11 heinä 2017, erricg--- via FreeIPA-users wrote:
We're planning an IdM implementation where we have several data centers
over a large geographic location. We're following the Red Hat guide:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity
Thanks Callum for your advice so far, I am now able to login to the client
via the FreeIPA server authentication.
I am having trouble getting sudo access working properly. I have followed
the guide you mentioned but I still cannot sudo into the client. I have
opened up
everything under the crea
One easy way to resolve your issues it to use different names for the
export location and the mount location. Your export location is handled by
fstab, whereas your mount location is handled by autofs. For example, your
have server1 with /export_data1 and server2 with /export_data2 mounted via
fsta
Dear all,
I have installed FreeIPA and try to learn about the concepts.
I’ve been looking around, reading documents that I found and searched but did
not find any useful hints how to configure FreeIPA to solve my problem I
describe below.
Any hints will be greatly appreciated!
I’m looking for
Hey Guys,
Was having some strange issues and found one of the dirsrv services crashed, I
can't say this is the only time this has happened but usually it starts
manually or on reboot.
Any ideas on this one? Let me know if you need more info.
Thanks as always!
-Jake
# /usr/sbin/ns-slapd -
Hi all,
I'm trying to set up a replica from RHEL6.9 FreeIPA 3.0.0 to RHEL7.3 RHEL 4.4.0.
What I'm trying to achieve is an isolated FreeIPA 4.4 server that we could
replace the original FreeIPA 3.0 infrastrcuture with. The way I'm doing this is:
1) prepare replica file on production ipa01 and c
Ok, great.
I will do that (and monitor that additional SAN ldapha.xx is persistant after
upgrade)
Thank you for your help
BR
- Original Message -
From: "Fraser Tweedale"
To: "David Goudet"
Cc: "FreeIPA users list"
Sent: Monday, July 10, 2017 11:25:56 PM
Subject: Re: [Freeipa-users]
Hello,
Today I realized that the https certificate for my freeipa web ui has expired.
I tried to renew it using:
#ipa-cacert-manage renew
Renewing CA certificate, please wait
CA certificate successfully renewed
The ipa-cacert-manage command was successful
So it seemed to went well. I tried to r
We are troubleshooting an account lockout issue and came across the error below
in the windows DC event logs while investigating. They are appearing in two of
our environments, the third is quiet. These are logged several times a minute
and are likely unrelated to the lockout issue, but what I
Hi Joerg,
>Question: Are there other ways to get the (almost) same result w/o having
>admin access to AD?
No.
You will need to either:
1. Have your AD admins enter their domain admin password for you when you're
running the ipa trust-add command
2. Have your AD admins give you a one time pas
On 07/11/2017 03:24 PM, Jan Karásek via FreeIPA-users wrote:
Hi,
thank you. We have 34 entries in directory with nsuniqueid in DN:
dn: cn=Kerberos Service Password
Policy+nsuniqueid=f683e20f-e16a11e6-bea49da2-866883c1,cn=VS.CSINT.CZ,cn=kerberos,dc=vs,dc=example,dc=cz
dn:
cn=cosTemplates+nsuni
Hi,
thank you. We have 34 entries in directory with nsuniqueid in DN:
dn: cn=Kerberos Service Password
Policy+nsuniqueid=f683e20f-e16a11e6-bea49da2-866883c1,cn=VS.CSINT.CZ,cn=kerberos,dc=vs,dc=example,dc=cz
dn:
cn=cosTemplates+nsuniqueid=f683e21f-e16a11e6-bea49da2-866883c1,cn=VS.CSINT.CZ,cn=kerb
We're planning an IdM implementation where we have several data centers over a
large geographic location. We're following the Red Hat guide:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/replica-considerations.h
On ti, 11 heinä 2017, Harald Dunkel via FreeIPA-users wrote:
On Mon, 10 Jul 2017 16:16:42 +0200
Jakub Hrozek via FreeIPA-users wrote:
I don't think DNS caching in general is something SSSD should do.
IMU dns is just another remote directory service. Caching dns would be
interesting to spee
On Mon, 10 Jul 2017 16:16:42 +0200
Jakub Hrozek via FreeIPA-users wrote:
>
> I don't think DNS caching in general is something SSSD should do.
>
IMU dns is just another remote directory service. Caching dns would be
interesting to speed up dns lookups and in case of vpn network problems,
for
understood.
Thanks for the quick reply.
jgeo
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Patrick,
I think we your email requires more detail on your setup and what you have
configured. Have you followed any sort of installation guide?
If you are able to gain SSH sessions without IPA authorising them then I
can only suppose that you are still using a local system account, i.e. one
you
On ti, 11 heinä 2017, Pieter Baele wrote:
Hi Alexander,
That what bothered me. All DNS zones are on IPA. So why the error
Forwarding is only for other domains and the private 172.x addresses are
only necessary on the IPA joined hosts.
(However, what they call a multi-homed network design i
Hi Alexander,
That what bothered me. All DNS zones are on IPA. So why the error
Forwarding is only for other domains and the private 172.x addresses are
only necessary on the IPA joined hosts.
(However, what they call a multi-homed network design in Hadoop also
complicates other things consi
20 matches
Mail list logo