[Freeipa-users] Re: Can't sync a new replica, large db file,

2017-11-14 Thread Mike Johnson via FreeIPA-users
I should add that I deleted/moved the large DB file as it was on the single remaining master, with no replication agreements left. Is it worth asking on the 389-users list as well? Thanks Mike On 14 November 2017 at 16:48, Mike Johnson wrote: > Pastebin for dirsrv/errors log file during/after f

[Freeipa-users] ad trust and external services

2017-11-14 Thread Николай Савельев via FreeIPA-users
Hi, I set up zimbra by these docs http://www.freeipa.org/page/Zimbra_Collaboration_Server_7.2_Authentication_and_GAL_lookups_against_FreeIPA I also use AD trust. But I don't understand why get all users from freeipa and ad for zimbra. By instructions I am getting only ipa users. I can get only AD users.

[Freeipa-users] PWM and FreeIPA integration

2017-11-14 Thread Aaron Hicks via FreeIPA-users
Hello the FreeIPA List, So as using the FreeIPA API and using LDAP directly to set existing users passwords (because they don't yet have one) didn't work, we've set up PWM by mostly following this gist: https://gist.github.com/PowerWagon/d794a1233d7943f1614d2ae5223e678a This has worked, and

[Freeipa-users] Re: [Freeipa-devel] FreeIPA wiki: troubleshooting

2017-11-14 Thread Felipe Barreto via FreeIPA-users
Hi flo, that's a good idea. +1! If you need help to move the content to component-specific pages, please, let me know. On 11/13/2017 09:45 AM, Florence Blanc-Renaud via FreeIPA-devel wrote: Hi all, FreeIPA wiki contains a really long page for Troubleshooting [1], and I would like to re-organ

[Freeipa-users] RADIUS and FreeIPA

2017-11-14 Thread Andrew Meyer via FreeIPA-users
After all the emails (thank you for your help) I have most of my Mac OS X clients authenticating to FreeIPA over wireless.  Clients running on a 2014 or newer 10.12.5 and up won't work.  I suspect this has to do with the TLS version.   Tell me if I'm approaching this the right way. I am trying t

[Freeipa-users] Re: FreeIPA wiki: troubleshooting

2017-11-14 Thread Lukas Slebodnik via FreeIPA-users
On (13/11/17 12:45), Florence Blanc-Renaud via FreeIPA-users wrote: >Hi all, > >FreeIPA wiki contains a really long page for Troubleshooting [1], and I would >like to re-organize the content a little bit differently. > +1 for the effort. BTW it might be good to have a section with links to trouble

[Freeipa-users] Re: FreeIPA & wireless

2017-11-14 Thread Andrew Meyer via FreeIPA-users
For the newer macbooks (High Sierra) how did you get around the TLS 1.2 requirement?  Did you generate a SSL cert and publish that to the RADIUS server? On Tuesday, November 14, 2017 9:54 AM, Michael Plemmons via FreeIPA-users wrote: We have a range of OS X versions from 10.10 and new

[Freeipa-users] Re: Can't sync a new replica, large db file,

2017-11-14 Thread Mike Johnson via FreeIPA-users
Pastebin for dirsrv/errors log file during/after failed join -- https://pastebin.com/gJR1SZWZ On 14 November 2017 at 16:40, Mike Johnson wrote: > Ludwig, thank you for the prompt, helpful reply. > > I've deleted the stale replication agreements, cleaned the dangling > RUVs and renamed the huge fi

[Freeipa-users] Re: Can't sync a new replica, large db file,

2017-11-14 Thread Mike Johnson via FreeIPA-users
Ludwig, thank you for the prompt, helpful reply. I've deleted the stale replication agreements, cleaned the dangling RUVs and renamed the huge file. It recreated the file but it's nowhere near as big as it was. Now, on the second issue, it doesn't appear to be listening on port 636. The steps I

[Freeipa-users] Re: Got RBAC controls for individual AD users sorted; now to allow login based on AD group membership ?

2017-11-14 Thread Alexander Bokovoy via FreeIPA-users
On ti, 14 marras 2017, Chris Dagdigian via FreeIPA-users wrote: Hi folks, Have an AWS footprint that thanks to FreeIPA can talk to a really complex remote AD forest with lots of transitive trusts and child domains. Would not be possible without FreeIPA in the mix. So far we've only really be

[Freeipa-users] Re: FreeIPA & wireless

2017-11-14 Thread Michael Plemmons via FreeIPA-users
We have a range of OS X versions from 10.10 and newer. Our RADIUS server (running FreeRadius on Linux) is using FreeIPA for the authentication via LDAP. Our WiFi access point is configured to talk to the radius server for authentication. *Mike Plemmons | Senior DevOps Engineer | CrossChx* 6

[Freeipa-users] Got RBAC controls for individual AD users sorted; now to allow login based on AD group membership ?

2017-11-14 Thread Chris Dagdigian via FreeIPA-users
Hi folks, Have an AWS footprint that thanks to FreeIPA can talk to a really complex remote AD forest with lots of transitive trusts and child domains. Would not be possible without FreeIPA in the mix. So far we've only really been required to grant admin/sudo access and we've done that indiv

[Freeipa-users] Re: freeipa trust issues

2017-11-14 Thread Alexander Bokovoy via FreeIPA-users
On ti, 14 marras 2017, Zach Bayne wrote: trust add completes and logs attached. appreciate the help Zach, I'd suggest you to re-establish trust again, to re-generate cross-forest trust object passwords which you made public by posting link to logs to the list. Anyway, the trust itself seems to

[Freeipa-users] Re: Listing groups in FreeIPA

2017-11-14 Thread Kristian Petersen via FreeIPA-users
Thanks! I somehow missed that the group wasn't required. On Fri, Nov 10, 2017 at 11:33 AM, Rob Crittenden wrote: > Kristian Petersen via FreeIPA-users wrote: > > I did that before sending my initial email. The command group_find() > > only appears to look for the group name that you tell it to

[Freeipa-users] Re: FreeIPA & wireless

2017-11-14 Thread Andrew Meyer via FreeIPA-users
Michael, What version of Mac OS X are your MacBooks running? 10.12.5+? You are using Windows Server for RADIUS auth correct? On Monday, November 13, 2017 2:35 PM, Michael Plemmons via FreeIPA-users wrote: Our entire office is Macbooks. Mike Plemmons | Senior DevOps Engineer | CrossCh

[Freeipa-users] Re: freeipa trust issues

2017-11-14 Thread Zach Bayne via FreeIPA-users
trust add completes and logs attached. appreciate the help https://drive.google.com/open?id=1SwiAaQkq4PttVaGNUBS_DoVP12Z53kZM -- Golden Dog Development z...@goldendogdev.net 636/395-0804 http://goldendogdev.net -- All messages should be signed 27D1 C230 E66F BEF6 9697 D40E 2A04 2009 B9BD 15C5 27D1

[Freeipa-users] Re: Delete certificates from Dogtag PKI

2017-11-14 Thread Francois Picot via FreeIPA-users
Hello Rob, Thanks for these answers. It seems to be much worse than I thought : ipa host-show shows every certificates issued for the host, and each certificate issued has its own request in LDAP (54K entries in ou=ca,ou=requests,o=ipaca) I believe the correct way would be : * Get the serial

[Freeipa-users] freeipa trust issues

2017-11-14 Thread Zach Bayne via FreeIPA-users
I have active directory as dc1.ad.domainname and dc2.ad.domainname I also have freeipa at ipa1.ipa.domainname and ipa2.ipa.domainname both of them seem to work fine independently, I then created a trust and set smb min and max to 2. from the server 2k12 side the trust validates and from the ipa si

[Freeipa-users] Re: Can't sync a new replica, large db file,

2017-11-14 Thread Ludwig Krispenz via FreeIPA-users
On 11/14/2017 11:40 AM, Mike Johnson via FreeIPA-users wrote: Hi I've got a small environment which had until recently 2 IPA servers. Both CentOS 7.4.1708 Version info: id1: Name: ipa-server Version : 4.5.0 Release : 21.el7.centos.2.2 Kernel: 3.10.0-693.5.2.el7.x86_64 389-ds-b

[Freeipa-users] Can't sync a new replica, large db file,

2017-11-14 Thread Mike Johnson via FreeIPA-users
Hi I've got a small environment which had until recently 2 IPA servers. Both CentOS 7.4.1708 Version info: id1: Name: ipa-server Version : 4.5.0 Release : 21.el7.centos.2.2 Kernel: 3.10.0-693.5.2.el7.x86_64 389-ds-base is at version 1.3.6.1 id5: Name: ipa-server Version