[Freeipa-users] Re: EMC Isilon and IPA - Kerberos

We appear to have the isilon talking to Redhat's IPA / IdM using kerberos as nfs4 and krb5 work, so I assume this will work with freeipa. Do the LDAP part as described elsewhere. If you have access to RH support kbase, based on RHEL6 notes for non-IPA joined NFS servers (See Debian10 NFS

[Freeipa-users] Re: 'transportCert cert-pki-kra' mix up

GH via FreeIPA-users wrote: > Had to copy the ASCII into the CS.cfg on the "secondary" manually. Now > everything shows that it's happy from my untrained eye. Is there a way to > test that the CS.cfg will now copy over correctly or that certs will be > replicated correctly? Appreciate all of

[Freeipa-users] Re: Allow AD users to manage multiple certificates

On to, 03 helmi 2022, Pedro Bezunartea Lopez via FreeIPA-users wrote: Hi! This is our currently working setup: - AD Domain: ourdomain.local (working fine for Windows users' authentication, Domain Controllers, etc...) - IPA Domain: idm.ourdomain.local (Trust relation successfully setup with

[Freeipa-users] Re: IPA WebUI login fails

Hi, did you define an idoverride-user for your AD user as described in Authenticating to the IdM Web UI as an AD User ? flo On

[Freeipa-users] Re: IPA WebUI login fails

Hi Pedro, I've tried and restart several times, without any success. I have to mention that this issue is only with the ActiveDirectory users, with IPA defined users it works properly. Regards, iulian roman ___ FreeIPA-users mailing list --

[Freeipa-users] SPNEGO cannot find mechanisms to negotiate

On my fairly recently created replica, trying to sign on to the webUI fails both with a ticket and with username/password. The httpd error log reports: [Thu Feb 03 09:43:20.551081 2022] [wsgi:error] [pid 332932:tid 14068185152] [remote 2001:123:aa:123:0:90cc:a629:cf42:5877:50870] ipa: INFO:

[Freeipa-users] Re: IPA WebUI login fails

Hi iulian, Have you tried: 1. Login to your idm 2. kinit admin 3. Restart ipa: ipactl restart Additionally, can you see any users when logged in as admin you browse to https://youripaserver.example.local/ipa/ui/#/e/idview/idoverrideuser/Default%20Trust%20View ? Regards, Pedro.

[Freeipa-users] IPA WebUI login fails

Hello everybody, If I try to login via WebUI with an AD account , i get the following error: 'Your session has expired. Please log in again.' in the WebUI interface. I the http access logs i have the following entry: user@EXAMPLE.LOCAL [03/Feb/2022:14:54:13 +0100] "POST /ipa/session/json

[Freeipa-users] Allow AD users to manage multiple certificates

Hi! This is our currently working setup: - AD Domain: ourdomain.local (working fine for Windows users' authentication, Domain Controllers, etc...) - IPA Domain: idm.ourdomain.local (Trust relation successfully setup with the Domain Controllers) - AD users can login to the IPA Server with their

[Freeipa-users] Re: ipa-pki-wait-running: Connection failed: HTTPConnectionPool(host='idm.issc.io', port=8080): Read timed out

Hi Rob, Thank you for the feedback, the "secret" and "requiredSecret" in server.xml had different values, I checked for the correct value in /etc/httpd/conf.d/ipa-pki-proxy.conf and did fix it. Cheers! ___ FreeIPA-users mailing list --