On 10/18/23 15:55, Rob Crittenden wrote:
Harry G Coin via FreeIPA-users wrote:
On 10/18/23 10:33, Christian Heimes wrote:
On 18/10/2023 16.57, Harry G Coin wrote:
On Tue, Oct 17, 2023 at 7:50 PM Christian Heimes via FreeIPA-users
wrote:
On 17/10/2023 19.32, Harry G Coin via
Harry G Coin via FreeIPA-users wrote:
>
> On 10/18/23 10:33, Christian Heimes wrote:
>> On 18/10/2023 16.57, Harry G Coin wrote:
>>>
On Tue, Oct 17, 2023 at 7:50 PM Christian Heimes via FreeIPA-users
wrote:
On 17/10/2023 19.32, Harry G Coin via FreeIPA-users wrote:
>
Bonsoir
Le 18/10/2023 à 19:43, Rob Crittenden via FreeIPA-users a écrit :
Right, so ipa-ca-install did effectively replace the old CA, but you're
not done yet. As Flo points out, the HTTP and 389-ds (and who knows
about PKINIT) certs were issued by a 3rd party.
At this point in the thread I
Florence Blanc-Renaud wrote:
> Hi,
>
> On Wed, Oct 18, 2023 at 4:11 PM Frederic Ayrault
> mailto:f...@lix.polytechnique.fr>> wrote:
>
> Bonjour,
>
> Le 18/10/2023 à 15:33, Florence Blanc-Renaud a écrit :
>> Hi,
>>
>>
>> CNRS2 and CNRS2-Standard are part of the CA chain that
On 10/18/23 10:33, Christian Heimes wrote:
On 18/10/2023 16.57, Harry G Coin wrote:
On Tue, Oct 17, 2023 at 7:50 PM Christian Heimes via FreeIPA-users
wrote:
On 17/10/2023 19.32, Harry G Coin via FreeIPA-users wrote:
'security' and 'other' seemingly 'unrelated' 'upgrades' to
On 10/18/23 07:30, Florence Blanc-Renaud via FreeIPA-users wrote:
Hi,
this guide explains the possible strategies for disaster recovery:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/preparing_for_disaster_recovery_with_identity_management/index
And that one
On 18/10/2023 16.57, Harry G Coin wrote:
On Tue, Oct 17, 2023 at 7:50 PM Christian Heimes via FreeIPA-users
wrote:
On 17/10/2023 19.32, Harry G Coin via FreeIPA-users wrote:
'security' and 'other' seemingly 'unrelated' 'upgrades' to
packages n levels deep but whose previously
Hi,
On Wed, Oct 18, 2023 at 4:11 PM Frederic Ayrault
wrote:
> Bonjour,
>
> Le 18/10/2023 à 15:33, Florence Blanc-Renaud a écrit :
>
> Hi,
>
>
> CNRS2 and CNRS2-Standard are part of the CA chain that issued your HTTP
> and LDAP server certificates, they should not be removed.
> When you install
On Tue, Oct 17, 2023 at 7:50 PM Christian Heimes via FreeIPA-users
wrote:
On 17/10/2023 19.32, Harry G Coin via FreeIPA-users wrote:
'security' and 'other' seemingly 'unrelated' 'upgrades' to
packages n levels deep but whose previously un-noticed freeipa
killing
On 10/17/23 12:50, Christian Heimes via FreeIPA-users wrote:
On 17/10/2023 19.32, Harry G Coin via FreeIPA-users wrote:
'security' and 'other' seemingly 'unrelated' 'upgrades' to packages
n levels deep but whose previously un-noticed freeipa killing
race-condition or other bug manifests
Bonjour,
Le 18/10/2023 à 15:33, Florence Blanc-Renaud a écrit :
Hi,
CNRS2 and CNRS2-Standard are part of the CA chain that issued your
HTTP and LDAP server certificates, they should not be removed.
When you install a new embedded IPA CA, it doesn't replace the
existing HTTP and LDAP server
Hi,
On Tue, Oct 17, 2023 at 5:47 PM Frederic Ayrault
wrote:
>
> Le 17/10/2023 à 17:23, Rob Crittenden a écrit :
> > So if I've followed this thread correctly, what you're doing is:
> > - Taking replica ipa3? and forcibly disconnecting it from an existing
> > IPA installation
>
> This is just
> Works without problems. Does not migrate UPGs nor ignore kerberos data:
> ipa migrate-ds --with-compat --user-container='cn=users,cn=accounts'
> --group-container='cn=groups,cn=accounts' ldap://ipa.example.com
>
> Migrates UPGs and other groups, but no users because of "mepOriginEntry":
> ipa
Hi,
this guide explains the possible strategies for disaster recovery:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/preparing_for_disaster_recovery_with_identity_management/index
And that one how to recover:
> On Срд, 11 кас 2023, Finn Fysj via FreeIPA-users wrote:
>
> IPA memberof access permission was always limited to authenticated LDAP
> binds.
>
>
> So this is what somebody (old admin?) addded explicitly.
Correct.
Thanks for your help, Alexander.
Hi,
On Tue, Oct 17, 2023 at 8:20 PM HUANG, TONY via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:
> Hi Rob,
>
> The CSR is generated within the web UI by following this section "Web UI:
> Requesting new certificates" (
>
Hi!
While doing a yearly disaster recovery I encountered a strange issue, of the
749 users in production environment 748 got successfully imported, but one user
is missing.
"kinit missing.username" just warns that the user was not found in Kerberos
database while getting initial credentials.
17 matches
Mail list logo