On to, 16 joulu 2021, Harry G. Coin via FreeIPA-users wrote:
Alexander and others who care about dnssec:
Given the ongoing problems with opendnssec/libp11 and the many freeipa
routines and resources dedicated to working around it, has bind9's
native dnssec implementation improved to the point
On to, 16 joulu 2021, Sam Morris via FreeIPA-users wrote:
The CA has its own upgrade code which runs unconditionally and I think
that's how both secret and requiredSecret got added to server.xml. I
wasn't able to duplicate the 403 though, it always just worked for me.
Perhaps it has to go
> The CA has its own upgrade code which runs unconditionally and I think
> that's how both secret and requiredSecret got added to server.xml. I
> wasn't able to duplicate the 403 though, it always just worked for me.
> Perhaps it has to go through more than one upgrade cycle. I did my
> testing on
Alexander and others who care about dnssec:
Given the ongoing problems with opendnssec/libp11 and the many freeipa
routines and resources dedicated to working around it, has bind9's
native dnssec implementation improved to the point we can greatly reduce
the freeipa package count by just
On to, 16 joulu 2021, Sam Morris wrote:
On Thu, 2021-12-16 at 10:40 +0200, Alexander Bokovoy wrote:
As a workaround, you can skip upgrading ipa-selinux package if that is
possible (it seemed to work in my tests). 'dnf upgrade' should make it
possible to skip that.
Thanks. For me a 'dnf
On Thu, 2021-12-16 at 17:16 +0200, Alexander Bokovoy wrote:
> On to, 16 joulu 2021, Sam Morris wrote:
> > On Thu, 2021-12-16 at 16:28 +0200, Alexander Bokovoy wrote:
> > > On to, 16 joulu 2021, Sam Morris wrote:
> > > >
> > > > But I don't see the link with ipa user-mod
On to, 16 joulu 2021, Sam Morris wrote:
On Thu, 2021-12-16 at 16:28 +0200, Alexander Bokovoy wrote:
On to, 16 joulu 2021, Sam Morris wrote:
>
> But I don't see the link with ipa user-mod --auth-user-type=hardened...
> in my case it just seems to make it impossible to log in as the user at
>
On Thu, 2021-12-16 at 16:28 +0200, Alexander Bokovoy wrote:
> On to, 16 joulu 2021, Sam Morris wrote:
> >
> > But I don't see the link with ipa user-mod --auth-user-type=hardened...
> > in my case it just seems to make it impossible to log in as the user at
> > all...
>
> For hardened, I think I
On to, 16 joulu 2021, Sam Morris wrote:
On Thu, 2021-12-16 at 15:08 +0200, Alexander Bokovoy wrote:
On to, 16 joulu 2021, Sam Morris via FreeIPA-users wrote:
> I was wondering what the purpose of 'ipa user-mod
> --auth-user-type=hardened' was. In the web UI the option is
> labelled
> "Hardened
On Thu, 2021-12-16 at 15:08 +0200, Alexander Bokovoy wrote:
> On to, 16 joulu 2021, Sam Morris via FreeIPA-users wrote:
> > I was wondering what the purpose of 'ipa user-mod
> > --auth-user-type=hardened' was. In the web UI the option is
> > labelled
> > "Hardened Password (by SPAKE or FAST)".
> >
On to, 16 joulu 2021, Sam Morris via FreeIPA-users wrote:
I was wondering what the purpose of 'ipa user-mod
--auth-user-type=hardened' was. In the web UI the option is labelled
"Hardened Password (by SPAKE or FAST)".
What I found (by setting KRB5_TRACE=/dev/stderr) was that without
setting this
Hi,
I guess it depends which log you're considering.
Some services drop a configuration snippet in /etc/logrotate.d (for
instance httpd, named, and others), and this snippet defines a log rotation
policy. For more details refer to man logrotate(8) and man
logrotate.conf(5).
The LDAP server has
Retention of some log files is determined by the files in /etc/logrotate.d. For
others you'd have to look at the configuration of individual services on the
server (e.g., for the directory service look inside the cn=config entry; for
the CA service look at /etc/pki/pki-tomcat/logging.properties
I was wondering what the purpose of 'ipa user-mod --auth-user-type=hardened'
was. In the web UI the option is labelled "Hardened Password (by SPAKE or
FAST)".
What I found (by setting KRB5_TRACE=/dev/stderr) was that without setting this
option, kinit already opportunistically uses SPAKE:
$
Hi Team ,
Could you please help me understand or tell what is the log retention period
for FreeIPA ? Couldnt get a clean/clear answer to this anywhere .How can we
find out this information . Thanks
___
FreeIPA-users mailing list --
On Thu, 2021-12-16 at 10:40 +0200, Alexander Bokovoy wrote:
>
> As a workaround, you can skip upgrading ipa-selinux package if that is
> possible (it seemed to work in my tests). 'dnf upgrade' should make it
> possible to skip that.
Thanks. For me a 'dnf upgrade --nobest' did the trick.
--
On ke, 15 joulu 2021, Alexander Bokovoy via FreeIPA-users wrote:
On ke, 15 joulu 2021, Sam Morris via FreeIPA-users wrote:
On ma, 13 joulu 2021, Alexander Bokovoy via FreeIPA-users wrote:
RHSA-2021:5142 adds RHEL IdM fix that should work together with Samba
changes introduced in
17 matches
Mail list logo