[Freeipa-users] Re: Dynamic DNS for DHCP clients using FreeIPA

2017-09-26 Thread David Yaffe via FreeIPA-users
I have made some progress. I reverted to the version of FreeIPA in Fedora 26 and reconfigured everything. Now, instead of timeout errors, I'm getting "tsig indicates error". Does anyone have an idea how to fix this? ___ FreeIPA-users mailing list --

[Freeipa-users] Re: Installation problems for version 4.5.0 on centos 7

2017-09-26 Thread Mathew Vandystadt via FreeIPA-users
It was the problem. Thank you.

[Freeipa-users] Re: Restriction for SSH Key per host

2017-09-26 Thread Alessandro Perucchi via FreeIPA-users
On 26.09.17, 12:19, "Jakub Hrozek via FreeIPA-users" wrote: On Tue, Sep 26, 2017 at 09:54:40AM +, Alessandro Perucchi via FreeIPA-users wrote: > Hello, > > We are using Freeipa to our satisfaction. > > We are trying to create

[Freeipa-users] Re: ipactl status Failed to get list of services to probe status! Configured hostname 'replica.company.domain' does not match any master server in LDAP: No master found because of erro

2017-09-26 Thread Rob Crittenden via FreeIPA-users
pgb 205 via FreeIPA-users wrote: > any idea as to why I'm getting these errors? Because the configured hostname doesn't match any configured known master? ipactl looks in cn=masters,cn=ipa,cn=etc,$SUFFIX for the list of known masters. It uses that to determine what services are configured for a

[Freeipa-users] Re: ipactl status Failed to get list of services to probe status! Configured hostname 'replica.company.domain' does not match any master server in LDAP: No master found because of erro

2017-09-26 Thread pgb 205 via FreeIPA-users
Any idea as to why I'm getting these errors?

[Freeipa-users] CentOS 6 system 4 error

2017-09-26 Thread Mark Haney via FreeIPA-users
I've been migrating a lot of our customer boxes from a local install of our master LDAP database (yeah, I know) to our IPA servers.  Nearly all these boxes are CentOS 6 (we have a smattering of C7 and C5 boxes as well) and I've built an ansible playbook to make the migration changes.  I've

[Freeipa-users] Re: How to set all passwords expired

2017-09-26 Thread xattab--- via FreeIPA-users
Hey, when I tried to change krbpasswordexpiration for test user I get this error: ipa user-mod test --setattr=krbPasswordExpiration=20381231011529Z ipa: ERROR: Insufficient access: Insufficient 'write' privilege to the 'krbPasswordExpiration' attribute of entry 'uid=test,cn=users,cn=accounts,dc=sf'.

[Freeipa-users] Restriction for SSH Key per host

2017-09-26 Thread Alessandro Perucchi via FreeIPA-users
Hello, We are using Freeipa to our satisfaction. We are trying to create a bastion/jumphost/... and in order to do it, we want to protect the bastion so that nobody can access it directly (except of course some admin people). And at the same time, we want that the users access some hosts

[Freeipa-users] Re: Force 2FA on specific hosts

2017-09-26 Thread Sumit Bose via FreeIPA-users
On Mon, Sep 25, 2017 at 11:41:38AM -0500, Jeremy Utley via FreeIPA-users wrote: > That might be, but a quick read of the referenced document indicates it may > not work the way we want. All users will be using 2FA to access the jump > hosts. The way I read it, the Kerberos ticket will indicate