[Freeipa-users] Re: Pausing replication or another approach to testing whilst limiting blast radius

2020-04-24 Thread Rob Crittenden via FreeIPA-users
David Harvey via FreeIPA-users wrote: > Dear list, > > I'd like to do a test run of a script that I use to sync our HR data > with our freeipa infrastructure. Is it possible to pause replication, or > essentially fence a server off, so that if I run the updated script > against it, I can limit

[Freeipa-users] Re: Ansible tasks for certprofiles and ca-acls

2020-04-24 Thread Philipp Leusmann via FreeIPA-users
Hi Rafael, I am aware of the deprecation of wildcard certs. I do not see a feasible other option in my case, since the certificate needs to match dynamic subdomains. So I'll take this. Thanks for your command-proposal. How do you recommend to perform authentication to issue the command?

[Freeipa-users] Pausing replication or another approach to testing whilst limiting blast radius

2020-04-24 Thread David Harvey via FreeIPA-users
Dear list, I'd like to do a test run of a script that I use to sync our HR data with our freeipa infrastructure. Is it possible to pause replication, or essentially fence a server off, so that if I run the updated script against it, I can limit the changes to that target server until I've checked

[Freeipa-users] Re: Plans for integrating DHCP

2020-04-24 Thread Jochen Kellner via FreeIPA-users
Hello Ronald, Ronald Wimmer via FreeIPA-users writes: > are there any plans to integrate a DHCP server into FreeIPA. We have > several environments where a lack of DHCP is a showstopper at the > moment. I have a (simple) script running that creates a configuration snippet for dnsmasq from the

[Freeipa-users] Re: Plans for integrating DHCP

2020-04-24 Thread Alexander Bokovoy via FreeIPA-users
On pe, 24 huhti 2020, Ronald Wimmer via FreeIPA-users wrote: Hi there, are there any plans to integrate a DHCP server into FreeIPA. We have several environments where a lack of DHCP is a showstopper at the moment. No official plans yet. However, there is a draft version at

[Freeipa-users] Plans for integrating DHCP

2020-04-24 Thread Ronald Wimmer via FreeIPA-users
Hi there, are there any plans to integrate a DHCP server into FreeIPA. We have several environments where a lack of DHCP is a showstopper at the moment. Cheers, Ronald ___ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To

[Freeipa-users] Re: SERVFAIL for one hostname

2020-04-24 Thread Tiemen Ruiten via FreeIPA-users
Hello, On Tue, Apr 21, 2020 at 1:20 PM Tiemen Ruiten wrote: > On Tue, Apr 21, 2020 at 1:10 PM Tiemen Ruiten > wrote: > >> Hello, >> >> On Tue, Apr 21, 2020 at 12:46 PM François Cami wrote: >> >>> Hi, >>> >>> On Tue, Apr 21, 2020 at 12:19 PM Tiemen Ruiten via FreeIPA-users >>> wrote: >>> >

[Freeipa-users] Ipa-client-install ldaps

2020-04-24 Thread Per Qvindesland via FreeIPA-users
HI Is it possible to run ipa-client-install when the host only listens to ldaps (636)? We have a policy that all traffic must be sent encrypted hence using ldap (389) is not possible. Regards Per ___ FreeIPA-users mailing list --