Thanks for the tip!
On Wed, 9 Jan 2019, 3:57 am Rob Crittenden Md. Khairul Hasan via FreeIPA-users wrote:
> > Hi Experts,
> >
> > I want to change the system time for my IPA server from UTC time to
> local time. Is it mandatory to restart the service after changing the
> system time ?
> >
>
>
nandha kumar writes:
> I am running redhat 7.5 with freeipa 4.5 . I have established AD one
> way sync using password. I am able to ssh the ipa client and ipa
> server with windows administrator account , But when I try to login
> with normal AD user I am receiving the error " kinit: Password
>
K. M. Peterson via FreeIPA-users wrote:
> Hi all,
>
> This is a newbie question with respect to FreeIPA, and I haven't seen
> this elsewhere, so I thought I'd ask.
>
> I've just cleaned up an issue with trying to implement a new replica on
> our domain, and I've realized that there are a couple
> On Jan 8, 2019, at 3:12 PM, Rob Crittenden wrote:
>
> You didn't happen to keep a list of the entries/values you removed did you?
>
> rob
In my experience, there were dozens of them and I gave up before the thing
finally recovered. Since others were successful, I’m sure it was possible,
K. M. Peterson via FreeIPA-users wrote:
> I'm going to reply to myself, after several more hours of digging, I
> discovered that although it wasn't true at the time I posted the above
> question, eventually, as with the original post from Lachlan Musicman
>
Pedro Perdido via FreeIPA-users wrote:
> Hello,
>
> I'm trying to renew the CA certificate and I keep getting the error "CA
> certificate chain in ipaRenew.crt, extCA.crt is incomplete: missing
> certificate with subject 'CN=pedroperdido.com'".
> I have found some people complaining about DN
Rob Townley via FreeIPA-users wrote:
> Me too. When the WiFi is on a different vLan and subnet from the
> wired, it is easier because their subdomain is different. But often
> that is not the case.
>
> On Sat, Jan 5, 2019 at 5:06 AM 74cmonty via FreeIPA-users
> wrote:
>>
>> Hi,
>> adding a
mustafa taha via FreeIPA-users wrote:
> Hi
> i am new user of Freeipa
> i have built two Freeipa one server and other replica .
> the problem is when i enter authenticate in the web UI , this message appear
> :
> Some operations failed.
> Hide details
> The search criteria was not
Hi,
Thanks for the reply, I appreciate it. It looks like that is exactly the issue.
On the master server….
# certutil -L -d /etc/apache2/nssdb -n ipaCert | grep "Not After"
Not After : Wed Nov 21 01:25:31 2018
Also in ‘getcert list’ on the master….
Request ID '20161201012533':
Md. Khairul Hasan via FreeIPA-users wrote:
> Hi Experts,
>
> I want to change the system time for my IPA server from UTC time to local
> time. Is it mandatory to restart the service after changing the system time ?
>
IMHO I'd reboot to ensure that all services on the box pick up the new
hi all,
we are running centos76 with ipa-server-4.6.4-10.el7 (one master and one
replica; the upgrade went fine on both) and we have a problem with pki
tomcat. (we are not sure since when this occurs, but it might be from
after the update)
ipactl status is ok on both master and replica,
Christopher Lamb wrote:
> Thanks Rob, that is good news.
>
> My original question was specific to port 443.
>
> Will the upgrade disable RC4 on all other ports used by IPA and its
> sub-components (e.g. DogTag, 389)
I believe those already defaulted to RC4 disabled so we didn't need to
touch
Hi Team,
I am running redhat 7.5 with freeipa 4.5 . I have established AD one way sync
using password.
I am able to ssh the ipa client and ipa server with windows administrator
account , But when I try to login with normal AD user I am
receiving the error " kinit: Password incorrect while
Hi Alexander,
> >What would I need to do on the IPA client for it to prefer IPv6? I am
> >aware I could remove IPv4 address from DNS, but that would break any
> >communication from IPv4 only systems. Any assistance would be
> appreaciated.
> Check that SSSD-generated kdcinfo has IPv6 only
Hi Petr,
I was asked to take a look at this issue. I wanted to know if, in parallel,
there is a customer case open in redhat portal.
If not, could you provide the /var/log/pki-tomcat/ca/debug log file and the
timestamp of resubmission ?
I would not change manually the cert db's under
On 1/8/19 3:51 PM, dbischof--- via FreeIPA-users wrote:
Hi Florence,
On Mon, 7 Jan 2019, Florence Blanc-Renaud wrote:
[...]
i shaved this thread a little, since it gets confusing. Hope i kept the
interesting bits.
The errors related to "Unable to find request for serial xxx" mean
that
Christopher Lamb via FreeIPA-users wrote:
> Hi All
>
> We operate an IPA Server version 4.2 on OEL 7.2.
>
> This installation supports RC4 Cipher Suites on port 443. I understand
> that this is the port accessed by IPA command line tools.
>
> How do I disable RC4?
>
> From the release
Hi Florence,
On Mon, 7 Jan 2019, Florence Blanc-Renaud wrote:
[...]
i shaved this thread a little, since it gets confusing. Hope i kept the
interesting bits.
The errors related to "Unable to find request for serial xxx" mean
that the cert is tracked by certmonger, but there is no
Hi All
We operate an IPA Server version 4.2 on OEL 7.2.
This installation supports RC4 Cipher Suites on port 443. I understand that this is the port accessed by IPA command line tools.
How do I disable RC4?
From the release notes for IPA 4.3.1, I see various changes removing support for
Was wondering if anyone had a chance to look through the logs posted for
anything useful?
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of
On ti, 08 tammi 2019, Kees Bakker via FreeIPA-users wrote:
On 08-01-19 10:18, Alexander Bokovoy wrote:
On ti, 08 tammi 2019, Kees Bakker via FreeIPA-users wrote:
Hey,
Is there any chance that the combination FreeIPA + Samba + Ubuntu
is going to work in the near future? So far I haven't been
Hello,
I'm trying to renew the CA certificate and I keep getting the error "CA
certificate chain in ipaRenew.crt, extCA.crt is incomplete: missing certificate
with subject 'CN=pedroperdido.com'".
I have found some people complaining about DN encode mismatch during the
renewal process, so I
On 08-01-19 10:18, Alexander Bokovoy wrote:
> On ti, 08 tammi 2019, Kees Bakker via FreeIPA-users wrote:
>> Hey,
>>
>> Is there any chance that the combination FreeIPA + Samba + Ubuntu
>> is going to work in the near future? So far I haven't been able to.
>>
>> The main purpose is to give Windows
On ti, 08 tammi 2019, Kees Bakker via FreeIPA-users wrote:
Hey,
Is there any chance that the combination FreeIPA + Samba + Ubuntu
is going to work in the near future? So far I haven't been able to.
The main purpose is to give Windows users access to disk space
on our (Ubuntu) servers. And with
Hey,
Is there any chance that the combination FreeIPA + Samba + Ubuntu
is going to work in the near future? So far I haven't been able to.
The main purpose is to give Windows users access to disk space
on our (Ubuntu) servers. And with their IPA credentials.
I know that Alexander knows a whole
25 matches
Mail list logo