Hi folks.
I’m using freeipa in docker on one VM machine and for now, I satisfied how
that works, but I worried about backup.
Can someone tell me what is best practice for backup ipa which works in
docker?
Do I need to use backup scripts or some different method?
Thank you in advance.
*—*
, 2019, at 5:58 AM, Petar Kozić via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:
Hi folks.
I’m using freeipa in docker on one VM machine and for now, I satisfied how
that works, but I worried about backup.
Can someone tell me what is best practice for backup ipa which
Hi,
does somebody know how can I do unnatended ipa-server-install with
docker-compose ?
I tried to add file ipa-server-install-options in /data (/var/lib/ipa-data)
with this options:
--realm=EXAMPLE.TEST
--ds-password=The-directory-server-password
--admin-password=The-admin-password
as I saw
?
*—*
*Petar Kozić*
On April 16, 2019 at 7:17:56 PM, Brian Topping (brian.topp...@gmail.com)
wrote:
On Apr 16, 2019, at 5:58 AM, Petar Kozić via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:
Hi folks.
I’m using freeipa in docker on one VM machine and for now, I satisfi
Petar Kozić via FreeIPA-users wrote:
> Hi folks,
> one question.
> These days I join my machine into IPA. Almost all machine have Ubuntu
> 18.04. I jointed about 10 machine in last two days. Today I tried to
> join Debian 8 jessie but I have problem.
>
> All machine I j
Hi folks,
one question.
These days I join my machine into IPA. Almost all machine have Ubuntu
18.04. I jointed about 10 machine in last two days. Today I tried to join
Debian 8 jessie but I have problem.
All machine I join with same command:
ipa-client-install -U —domain=example.com
2019-05-20T11:13:58Z DEBUG Process finished, return code=0
2019-05-20T11:13:58Z DEBUG stdout=Restoring configuration
On May 17, 2019 at 4:40:47 PM, Rob Crittenden (rcrit...@redhat.com) wrote:
Petar Kozić via FreeIPA-users wrote:
>
>> Petar Kozić via FreeIPA-users wrote:
>>
error. In above command I
copied ca.crt from IPA if you think on that.
Thank you on your time.
On May 20, 2019 at 4:03:32 PM, Rob Crittenden (rcrit...@redhat.com) wrote:
Petar Kozić via FreeIPA-users wrote:
> @Rob, sorry for duplicate mail, I forget to do reply to all
>
>
> No, there is
Thank you very much for everything.
I tried curl and curl on https:// works, a get html response with whole
body
IPA: Identity Policy Audit
/lets-encrypt-and-the-freeipa-web-gui/
On May 20, 2019 at 3:28:50 PM, Rob Crittenden (rcrit...@redhat.com) wrote:
Petar Kozić via FreeIPA-users wrote:
> Here is the log files. I just want to inform you that I have that
> problem now also on Ubuntu 14.40 and Debian 8.
> On Ubuntu ipa clien
Thank you very much, I will check it and try.
On Fri, Apr 19, 2019, 16:58 Manuki San via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:
> Well, actually, this is exactly what I am trying to do. Here is my
> docker-compose.yml
>
> version: "2.3"
> services:
>
Ok, can someone share some relevant information about this, how I can do
that?
Some step-by-step guide or similar?
Thanks.
*—*
*Petar Kozic*
Hello,
AFAIK you should create a replica on the VPS (with all the IPA services
that have the actual server) and once it will be ready, you should
Hi,
I have FreeIPA server running in docker. I using FreeIPA for ssh
authentication on servers. I have about 25 servers added there and about 15
users.
I want to migrate that on VPS.
I checked all documentation about migration but I didn’t found some
reasonable process.
Can someone write me
-8859-1>
ipapython.admintool: ERROR: The ipa-server-certinstall command failed.
Thank you, when I put path looks different, but with new error :(
not in asn1Spec:
encoding iso-8859-1>
The ipa-server-certinstall command failed.
On December 23, 2019 at 5:45:51 PM, Florence Blanc-Renaud (f
Hi folks,
I have one IPA server in production for my small environment. There I set
Let’s Encrypt CA root and issue .p12 cert without problem.
Now, I want to install FreeIPA on VPS, but I have problem with Let’s
encrypt SSL. I can’t import SSL.
First, I imported CA certficates:
But this help me:
systemctl stop sssd
rm -rf /var/lib/sss/db/*
systemctl restart sssd
*—*
*Petar Kozić*
Hi,
On Fri, Jan 31, 2020 at 2:48 PM Petar Kozić via FreeIPA-users
wrote:
>
> Hi,
> I have one IPA server dirsrv001 and newone dirsrv002
>
> dirsrv001 is old server fr
Hi,
On Fri, Jan 31, 2020 at 2:48 PM Petar Kozić via FreeIPA-users
wrote:
>
> Hi,
> I have one IPA server dirsrv001 and newone dirsrv002
>
> dirsrv001 is old server from where I want to unroll my VPS’s and join to
new server. I do some testing with Ubuntu VPS’s and that works perf
Hi,
I have one IPA server dirsrv001 and newone dirsrv002
dirsrv001 is old server from where I want to unroll my VPS’s and join to
new server. I do some testing with Ubuntu VPS’s and that works perfect.
I have problem with one Centos 7 server.
I join client to dirsrv002 without problems but when
Yes, you are right, I bring up on same domain and realm.
Thanks for informing me.
On Fri, Jan 31, 2020, 17:22 Sumit Bose via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:
> On Fri, Jan 31, 2020 at 06:03:50AM -0800, Petar Kozić via FreeIPA-users
> wrote:
> >
Hi,
I’m using my IPA server in docker. I’m using that server last more than 8-9
months for ssh login.
Everything works well till few hours before.
I can’t login to ssh and I get this strange error:
[sssd[ldap_child[2171]]][2171]: Failed to initialize credentials using
keytab
I miss that I have this file, actually that is link file because I’m using
docker.
/etc/krb5.keytab
If I run *klist -kt /etc/krb5.keytab* I get
Keytab name: FILE:/etc/krb5.keytab
KVNO Timestamp Principal
---
--
I also noticed this file doesn’t exists
MEMORY:/etc/krb5.keytab
Please help me if someone knows. This is very important service for me.
Thank you !
*—*
*Petar Kozic*
On January 2, 2020 at 7:46:33 PM, Petar Kozić (petar.ko...@mint.rs) wrote:
Hi,
I’m using my IPA server in docker. I’m using
Thank you, I solved the problem. Problem was in network on ipa server.
Thanks.
On Fri, Jan 3, 2020, 19:24 Alexander Bokovoy wrote:
> On to, 02 tammi 2020, Petar Kozić via FreeIPA-users wrote:
> >I miss that I have this file, actually that is link file because I’m using
> >dock
Thank you, when I put path looks different, but with new error :(
not in asn1Spec:
encoding iso-8859-1>
The ipa-server-certinstall command failed.
On December 23, 2019 at 5:45:51 PM, Florence Blanc-Renaud (f...@redhat.com)
wrote:
On 12/23/19 4:52 PM, Petar Kozić via FreeIPA-users wr
Thank you, when I put path looks different, but with new error :(
not in asn1Spec:
encoding iso-8859-1>
The ipa-server-certinstall command failed.
On December 23, 2019 at 5:45:51 PM, Florence Blanc-Renaud (f...@redhat.com)
wrote:
On 12/23/19 4:52 PM, Petar Kozić via FreeIPA-users w
I have strange problem on replication server.
I set master server and I generate and set Let's encrypt.
On replica server I do same step but when I try to install pk12 I get error
about invalid credentials.
For private key unlock password I using weak pass which I set in the proces
of generated
Hi Alexander, thank you for your reply, can you point some details how can
I do that?
On Wed, Apr 29, 2020, 15:48 Alexander Bokovoy wrote:
> On ke, 29 huhti 2020, Petar Kozić via FreeIPA-users wrote:
> >Hi folks,
> >
> >My free iPA server works on public IP and need
Hi folks,
My free iPA server works on public IP and need to be public. Because of
that I have problem because admin user is often locked becuase too many
incorrect logins.
Can I filter admin user login to some IP and how?
Thank you.
___
FreeIPA-users
Hi,
docker container don’t have same structure as installed freeipa on linux
system, because you can’t find nothing under /var/lib
Check how you start ipa with docker and what you set as ipa folder.
From docker ipa documentation I can see this:
docker run --name freeipa-server-container -ti \
Hi,
I had Let’s encrypt SSL on my freeipa server. When I setup freeIPA for the
first time, I set Let’s encrypt on next way:
I installed DST CA ROOT and LetsEncrypt intermediate with next command:
ipa-cacert-manage -n DSTRootCAX3 -t C,, install DTSRootCAX3.pem
ipa-cacert-manage -n LetsEncryptX3
I sorted problem. I need to import new R3 Let’sencrypt intermediate before
issue of new SSL.
ipa-cacert-manage -n R3 -t C,, install letsencrypt_r3.pem
ipa-certupdate -v
renewl Let’s encypt ssl.
> On 20.01.2021., at 10:37, Petar Kozić wrote:
>
> Hi,
> I had Let’s encrypt SSL on my freeipa
Hi folks,
I want to unjoin several linux servers from IPA, but I want to still use same
usernames locally.
When I unjoin server from IPA user UID and GID changed to IPA UID and GID, and
that users I don’t have locally in passwd file.
How can I smooth migrate that users to local users?
P.S. I
32 matches
Mail list logo