I just had the same problem. Found out that I had switched the interface that
held the IP, on the client machine that lost its DNS record, and I had
registered with `--enable-dns-updates`. On updating the interface in
`/etc/sssd/sssd.conf` things worked cleanly again and the DNS record was
Would you mind showing me how you have FreeRADIUS setup?
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
So I have anyconnect working now.
In sssd.conf I added:
[domain]
use_fully_qualified_names = True
full_name_format = %1$s@%2$s
and now all users in `who` are user@domain
However, setting it to the following does not change the behavior and
gnome_session_binary is still started as user@domain
Hey folks,
We are running a lot of server, we nearly exhausted and allocated our
/29 ipv6 allocation*.
Let's say we have 10 really, really important servers that only a
handful of people should be able to access. Everyone else not.
So I have a fixed group of known "critical servers" and a
NAZAN CENGIZ wrote:
> Hi Rob,
> You talked ;
> nova-join create under Openstack compute node a insteance.
> We company is support Redhat and start Tempest.
> Tempest says Tripleo Compute and Controller testing.
> https://vakwetu.fedorapeople.org/novajoin-OpenStackBoston2017.pdf
> I don't see
Till Hofmann via FreeIPA-users wrote:
> Hi all,
>
> I managed to work around the issue by:
> 1. Setting up the replica without the CA (i.e., `ipa-replica-install` without
> `--setup-ca`)
> 2. Set up the CA with `ipa-ca-install`. This also failed at some point
> (because it could not contact the
Hi all,
I managed to work around the issue by:
1. Setting up the replica without the CA (i.e., `ipa-replica-install` without
`--setup-ca`)
2. Set up the CA with `ipa-ca-install`. This also failed at some point (because
it could not contact the old master on port 8443), but it seemed to do
Saurabh Garg via FreeIPA-users wrote:
> Hi Florence,
> Thanks for all the help so far.
>
> In the scenario where we need to change the current ca certificate with the
> one signed by an external CA:
> As per your suggestion we are running "ipa-cacert-manage install" command to
> provide all the
Just for the records:
The reason was an updated external root certificate, that I had
imported with bad trust attributes about 2 years ago. My bad.
After fixing the trust attributes freeipa is running again,
probably better than before. There is just a minor issue with
a duplicate csreplica
Some more information:
`who` returns
u...@dom.ain :0 2019-7-25 (:0)
user pts/0 2019-7-25 (:0)
Logging in to just the terminal tty (using ctrl+alt+f2) logs me in as user with
smartcard. So somehow, using the smartcard login starts up the X display as
u...@dom.ain but all the other
Awesome!
Thanks so much!
Guillermo
On Fri, Jul 26, 2019 at 4:18 AM Fraser Tweedale wrote:
> On Tue, Jul 23, 2019 at 09:34:45PM -0400, Guillermo Fuentes wrote:
> > Thanks so much Fraser for your reply.
> > Looking forward to your blog post!
> > All the best,
> > Guillermo
> >
> Here you go:
>
>
Hi Florence,
Thanks for all the help so far.
In the scenario where we need to change the current ca certificate with the one
signed by an external CA:
As per your suggestion we are running "ipa-cacert-manage install" command to
provide all the CA certs in chain, one at a time, starting from the
Hi Arpit,
On 7/26/19 9:18 AM, Arpit Tolani wrote:
> I added Replication timeout in /usr/share/dirsrv/data/template-dse.ldif
> on replica before ipa-replica-install which took care of time consumed
> for large data getting replicated.
>
>
On Tue, Jul 23, 2019 at 09:34:45PM -0400, Guillermo Fuentes wrote:
> Thanks so much Fraser for your reply.
> Looking forward to your blog post!
> All the best,
> Guillermo
>
Here you go:
https://frasertweedale.github.io/blog-redhat/posts/2019-07-26-dogtag-replica-ranges.html
Cheers,
Fraser
>
I added Replication timeout in /usr/share/dirsrv/data/template-dse.ldif on
replica before ipa-replica-install which took care of time consumed for
large data getting replicated.
15 matches
Mail list logo