Thank you. your help is appreciated. We are still out of luck and this is
becoming very critical for us.
Please help.
We did remove all but 1 certificate, restarted master (ds01) but
clientinstallation, connection check and replica installation still fails.
certutil -D -d /etc/pki/nssdb -n
On 10/13/2017 11:23 AM, Rob Crittenden wrote:
The kvno should match that of the keytab. If not you'll need to
regenerate it.
Note that by default ipa-getkeytab generates new keys every time it is
executed.
rob
Addendum to my previous reply. I /can/ 'kinit mark.haney' and supply my
Another thing I spotted in the UI: after a refresh of a page that loads
whith the user appearing as if they were disabled the actions menu has
extra options as shown in the image below. You have both enable and
disable, as well as two deletes.
On Fri, Oct 13, 2017 at 8:24 AM, Rob Crittenden
Rob Crittenden wrote:
Rob Crittenden via FreeIPA-users wrote:
Kristian Petersen via FreeIPA-users wrote:
Very possibly a bug if others are experiencing this as well. I am
running IPA v4.5.0 on RHEL 7.4 are you running in a similar environment?
You might be able to figure out what is going
Mark Haney wrote:
On 10/13/2017 09:48 AM, Mark Haney wrote:
I tried changing HOST/ to host/ and got this:
Certificate at same location is already used by request with nickname
"20171013123749"
Seems it doesn't matter on this setup. Oh, probably should mention
this is a CentOS 6.9 box. In case
On 10/13/2017 09:48 AM, Mark Haney wrote:
I tried changing HOST/ to host/ and got this:
Certificate at same location is already used by request with nickname
"20171013123749"
Seems it doesn't matter on this setup. Oh, probably should mention
this is a CentOS 6.9 box. In case that matters.
Rob Crittenden via FreeIPA-users wrote:
Kristian Petersen via FreeIPA-users wrote:
Very possibly a bug if others are experiencing this as well. I am
running IPA v4.5.0 on RHEL 7.4 are you running in a similar environment?
You might be able to figure out what is going on using something like
I found out that the reason why establishing trust didn't work was IPv6 stack.
It wasn't fully configured on FreeIPA's side as we didn't use it but there were
IPv6 DNS entries with AD domain controller name present. I remember that I read
somewhere that you need to be able to reach all of the
On 10/13/2017 09:17 AM, Rob Crittenden wrote:
Mark Haney via FreeIPA-users wrote:
I'm pretty sure ya'll are tired of my stupid questions, but I've got
that new Geek smell with regards to IPA, and definitely with manual
configuration. This should be easy to answer. I've got all the
necessaries
On 10/13/2017 09:00 AM, Mark Haney wrote:
I'm pretty sure ya'll are tired of my stupid questions, but I've got
that new Geek smell with regards to IPA, and definitely with manual
configuration. This should be easy to answer. I've got all the
necessaries manually setup and I'm at the step to
Mark Haney via FreeIPA-users wrote:
I'm pretty sure ya'll are tired of my stupid questions, but I've got
that new Geek smell with regards to IPA, and definitely with manual
configuration. This should be easy to answer. I've got all the
necessaries manually setup and I'm at the step to get the
saidireddy ranabothu via FreeIPA-users wrote:
Hi,
Please can anyone help me to integrate TACPLUS with FREEIPA for
authentication and authorisation.
I don't know that anyone has provided instructions for configuring this
but you can get information on configuring other services which might
12 matches
Mail list logo