[Freeipa-users] Re: Fedora -> CentOS, 4.7.2 -> 4.7.1

2019-10-28 Thread Rob Crittenden via FreeIPA-users
David Harvey wrote: > Thanks for your response Rob, > > If I were to attempt such a thing and it apparently succeeds, is there > any kind of integrity/sanity check that you would run to probe for oddities? Doubtful. Chances are everything would be peachy but I just can't guarantee anything. To

[Freeipa-users] Re: Fedora -> CentOS, 4.7.2 -> 4.7.1

2019-10-28 Thread David Harvey via FreeIPA-users
Thanks for your response Rob, If I were to attempt such a thing and it apparently succeeds, is there any kind of integrity/sanity check that you would run to probe for oddities? Best wishes, David On Mon, 28 Oct 2019, 21:38 Rob Crittenden, wrote: > David Harvey via FreeIPA-users wrote: > >

[Freeipa-users] Re: Fedora -> CentOS, 4.7.2 -> 4.7.1

2019-10-28 Thread Rob Crittenden via FreeIPA-users
David Harvey via FreeIPA-users wrote: > Dear FreeIPA users, > > TL:DR *any* way of moving from 4.7.2->4.7.1? > > I've managed to get into a situation.. > On realising the support for Debian/Ubuntu was a bit ropey, I > successfully made Fedora replicas and promoted them a year or so ago. > These

[Freeipa-users] Fedora -> CentOS, 4.7.2 -> 4.7.1

2019-10-28 Thread David Harvey via FreeIPA-users
Dear FreeIPA users, TL:DR *any* way of moving from 4.7.2->4.7.1? I've managed to get into a situation.. On realising the support for Debian/Ubuntu was a bit ropey, I successfully made Fedora replicas and promoted them a year or so ago. These run OK, but wanting to be off the treadmill of Fedora

[Freeipa-users] Re: FreeIPA: Cannot login to AD User from IPA client, login from server works

2019-10-28 Thread Danijel Bojic via FreeIPA-users
Hi Alexander Thanks for clarifying. I don't see anything in the sssd_domain.log I see something though in the sssd_nss.log file. I crosschecked my sssd.conf file and corrected some spelling error and it seems to work now. I can su and ssh with the AD Domain users on the ipa client. Only thing

[Freeipa-users] Upgrade 389-ds-base

2019-10-28 Thread Dirk Streubel via FreeIPA-users
Hello, after Updating my FreeIPA Machine with the following Packages  389-ds-base-1.4.1.8-4.fc30.x86_64 and 389-ds-base-libs-1.4.1.8-4.fc30.x86_64 my IPAServer will not start because of a Dirsrv Error: [28/Oct/2019:15:24:33.197006547 +0100] - INFO - main - 389-Directory/1.4.1.8 B2019.288.179

[Freeipa-users] Re: ca-certificate file not being parses correctly on Ubuntu with p11-kit-trust.so due to data inserted by FreeIPA Client install

2019-10-28 Thread Kevin Vasko via FreeIPA-users
Thanks. I posted the bug report. https://pagure.io/freeipa/issue/8106 -Kevin > On Oct 28, 2019, at 9:24 AM, Alexander Bokovoy wrote: > > On ma, 28 loka 2019, Kevin Vasko via FreeIPA-users wrote: >> >> >> Mainly looking for input on where to file a bug I think I found in >>

[Freeipa-users] Re: ca-certificate file not being parses correctly on Ubuntu with p11-kit-trust.so due to data inserted by FreeIPA Client install

2019-10-28 Thread Alexander Bokovoy via FreeIPA-users
On ma, 28 loka 2019, Kevin Vasko via FreeIPA-users wrote: Mainly looking for input on where to file a bug I think I found in p11-kit-trust.so but potentially caused by the FreeIPA client install process on Ubuntu. I have been trying to figure out a way of getting Ubuntu to load the system

[Freeipa-users] ca-certificate file not being parses correctly on Ubuntu with p11-kit-trust.so due to data inserted by FreeIPA Client install

2019-10-28 Thread Kevin Vasko via FreeIPA-users
Mainly looking for input on where to file a bug I think I found in p11-kit-trust.so but potentially caused by the FreeIPA client install process on Ubuntu. I have been trying to figure out a way of getting Ubuntu to load the system wide certs like CentOS/Fedora does. Alexander helped me

[Freeipa-users] Re: IPA ocsp responder cert

2019-10-28 Thread Sandor Juhasz via FreeIPA-users
Disregard my question. I had to realize that ocsp responder is on plain http, so no need to hassle there with additional certs there. -- *Sándor Juhász* System Administrator *ChemAxon* *Kft*. Building Hx, GraphiSoft Park, Záhony utca 7, Budapest, Hungary, H-1031 Cell: +36704258964 On Mon, Oct

[Freeipa-users] Re: FreeIPA: Cannot login to AD User from IPA client, login from server works

2019-10-28 Thread Jones, Bob (rwj5d) via FreeIPA-users
One thing to check which was our problem when we first implemented this is that every user must have a gidNumber assigned and that gidNumber has to be assigned to a group existing in AD (might work if the group is just in IPA, never tested that). Also, all of the groups that a user is a member

[Freeipa-users] Re: Ipa user can't login via ssh

2019-10-28 Thread Rob Crittenden via FreeIPA-users
Elhamsadat Azarian wrote: > Hi. > Which details do u need? I will send. Adding freeipa-users yet again. I'll stop responding if this continues. We'd need to see the active HBAC Rules, hbactest output at a minimum. The sssd logs on the failing machine might be relevant too but you'll probably

[Freeipa-users] Re: IPA ocsp responder cert

2019-10-28 Thread Rob Crittenden via FreeIPA-users
Sandor Juhasz via FreeIPA-users wrote: > Hi, > > we are running freeipa server 4.6.5. > Facing the issue, where the ocsp responder in the Server-Cert is set > to > Name: Authority Information Access >             Method: PKIX Online Certificate Status Protocol >             Location: >            

[Freeipa-users] IPA ocsp responder cert

2019-10-28 Thread Sandor Juhasz via FreeIPA-users
Hi, we are running freeipa server 4.6.5. Facing the issue, where the ocsp responder in the Server-Cert is set to Name: Authority Information Access Method: PKIX Online Certificate Status Protocol Location: URI: "http://ipa-ca.bpo.cxn/ca/ocsp; Where the

[Freeipa-users] Re: DNS - IPA masters' own PTR records in a classless subnet

2019-10-28 Thread Alexander Bokovoy via FreeIPA-users
On ma, 28 loka 2019, lejeczek via FreeIPA-users wrote: On 23/10/2019 12:28, lejeczek via FreeIPA-users wrote: hi everybody when I install a replica and have DNS use cname records to a classless zone I see: Configuring DNS (named)   [1/8]: generating rndc key file   [2/8]: setting up our own

[Freeipa-users] Re: DNS - IPA masters' own PTR records in a classless subnet

2019-10-28 Thread lejeczek via FreeIPA-users
On 23/10/2019 12:28, lejeczek via FreeIPA-users wrote: > hi everybody > > when I install a replica and have DNS use cname records to a classless > zone I see: > > Configuring DNS (named) >   [1/8]: generating rndc key file >   [2/8]: setting up our own record >   [error] ValidationError: invalid

[Freeipa-users] Re: Problem with freeip and samba 4.9

2019-10-28 Thread Николай Савельев via FreeIPA-users
Thank you for help! I read this documentation, it's very interesting and helpful. But this is a bit complicated for me. In the end I just downgraded my samba to 4.8 It works fine! Thanks! 28.10.2019, 16:36, "Alexander Bokovoy" : > On ma, 28 loka 2019, Николай Савельев wrote: >> 28.10.2019, 16:05,

[Freeipa-users] Re: Problem with freeip and samba 4.9

2019-10-28 Thread Alexander Bokovoy via FreeIPA-users
On ma, 28 loka 2019, Николай Савельев wrote: 28.10.2019, 16:05, "Alexander Bokovoy" : On ma, 28 loka 2019, Николай Савельев via FreeIPA-users wrote: Hi I updated my samba server to 4.9 After that I had problem with starting samba and found this thread: https://pagure.io/freeipa/issue/7705 I

[Freeipa-users] Re: Problem with freeip and samba 4.9

2019-10-28 Thread Николай Савельев via FreeIPA-users
28.10.2019, 16:05, "Alexander Bokovoy" : > On ma, 28 loka 2019, Николай Савельев via FreeIPA-users wrote: >> Hi >> I updated my samba server to 4.9 >> After that I had problem with starting samba and found this thread: >> https://pagure.io/freeipa/issue/7705 >> I add user mapping net groupmap add

[Freeipa-users] Re: Problem with freeip and samba 4.9

2019-10-28 Thread Alexander Bokovoy via FreeIPA-users
On ma, 28 loka 2019, Николай Савельев via FreeIPA-users wrote: Hi I updated my samba server to 4.9 After that I had problem with starting samba and found this thread: https://pagure.io/freeipa/issue/7705 I add user mapping net groupmap add sid=S-1-5-32-546 unixgroup=nobody type=builtin and samba

[Freeipa-users] Problem with freeip and samba 4.9

2019-10-28 Thread Николай Савельев via FreeIPA-users
Hi I updated my samba server to 4.9 After that I had problem with starting samba and found this thread: https://pagure.io/freeipa/issue/7705 I add user mapping net groupmap add sid=S-1-5-32-546 unixgroup=nobody type=builtin and samba works But now samba is very-very-very slow! Some operations,

[Freeipa-users] Re: FreeIPA: Cannot login to AD User from IPA client, login from server works

2019-10-28 Thread Alexander Bokovoy via FreeIPA-users
On ma, 28 loka 2019, Danijel Bojic via FreeIPA-users wrote: Hi dear freeipa-users :D I am currently testing FreeIPA in a Windows Active Directory environment. The goal is to use this as a productive secondary domain with a one-way trust from AD to FreeIPA. (We have lots of developers that work

[Freeipa-users] FreeIPA: Cannot login to AD User from IPA client, login from server works

2019-10-28 Thread Danijel Bojic via FreeIPA-users
Hi dear freeipa-users :D I am currently testing FreeIPA in a Windows Active Directory environment. The goal is to use this as a productive secondary domain with a one-way trust from AD to FreeIPA. (We have lots of developers that work with Linux clients (Fedora and CentOS) as well as want to