On ke, 20 syys 2017, Bobby Jones via FreeIPA-users wrote:
Hi:
I am trying to finish my integration of FreeIPA with Active Directory, but
when I try to add my group information it fails.
# ipa group-add-member ad_admins_external --external 'AD/Domain Admins'
member group: AD\Domain Admins:
Hi:
I am trying to finish my integration of FreeIPA with Active Directory, but
when I try to add my group information it fails.
# ipa group-add-member ad_admins_external --external 'AD/Domain Admins'
member group: AD\Domain Admins: trusted domain object not found
As far as I can tell, I have
On (19/09/17 18:46), Florence Blanc-Renaud via FreeIPA-users wrote:
>On 09/18/2017 05:11 PM, Marius Bjørnstad via FreeIPA-users wrote:
>> Hi,
>>
>> When /tmp is full, it is impossible to authenticate with Kerberos. Login
>> with password over SSH and sudo don't work. Login with ssh key works
Foolishly, I blew up my entire 4.4 on Centos 7.4 environment and I'm trying to
get 4.5 working on 7.4. I've been hitting the same exact problem while trying
to install freeipa 4.5 on centos 7.4 from scratch and that's at step 6/45
"starting directory server". The following message is what I get
Thanks for the replies. We have migrated most servers to RHEL7. I'll see about
configuring the default_ccache_name on those, one way or another.
-Marius
> 20. sep. 2017 kl. 09.02 skrev Jakub Hrozek via FreeIPA-users
> :
>
> On Tue, Sep 19, 2017 at
Thanks for your response and time Jason, much appreciated. It sounds like
you in fact have almost the opposite symptoms to me, how strange!
I did find that ldapsearch using -Y for GSSAPI was failing on Mac until I
sorted out the reverse DNS entries for my IPA servers. The symptom was the
Hi All,
Since updating to CentOS 7.4/FreeIPA 4.5 (from 7.3/4.4) I have seen the
following fault.
IPA user accounts using password+OTP will authenticate *without OTP (only)*
when using an interim LDAP BIND configuration.
To clarify, I am specifically talking about Cisco ASA device, using a
On ke, 20 syys 2017, Lachlan Musicman wrote:
Notice that many ports are only available as tcp6 listeners? Like 636
(LDAPS), 389 (LDAP), 80 (HTTP), 443 (HTTPS) and so on? This is an effect
of using v6 API that supports v4-mapped-on-v6 addresses. It makes the
code less complex and handles with the
Hi,
I read about the vault feature in the documentation and installed the
feature on my ipa master (ipa-kra-install). However, when I try to
access my vault on an ipa client, I get:
ipa: INFO: trying https://ipa2.linux.mydomain.at/ipa/session/json
ipa: INFO: trying
On Tue, Sep 19, 2017 at 04:25:21PM -0400, Simo Sorce wrote:
> On Tue, 2017-09-19 at 20:27 +0200, Jakub Hrozek via FreeIPA-users
> wrote:
> > On Mon, Sep 18, 2017 at 05:11:09PM +0200, Marius Bjørnstad via
> > FreeIPA-users wrote:
> > > Hi,
> > >
> > > When /tmp is full, it is impossible to
On 20 September 2017 at 16:15, Lachlan Musicman wrote:
> On 20 September 2017 at 15:54, Alexander Bokovoy
> wrote:
>
>>
>> Ok. By the look of this commit (to 4.5):
>>>
>>> https://pagure.io/freeipa/c/bdf9a34dffdf4d7925208e5df9f69e3927b88858
>>>
>>> from
On 20 September 2017 at 15:54, Alexander Bokovoy
wrote:
>
> Ok. By the look of this commit (to 4.5):
>>
>> https://pagure.io/freeipa/c/bdf9a34dffdf4d7925208e5df9f69e3927b88858
>>
>> from this issue https://pagure.io/freeipa/issue/7083
>>
>> It is (or was) the IPv6 problem.
12 matches
Mail list logo