Hi !
After you advice i did this :
# kinit admin
# ipa ping
IPA server version 4.6.90.pre1+git20180411. API version 2.229
# ipa-cacert-manage -p 'Q*password' -n COMODO -t C,, install
/home/addtrustexternalcaroot2.crt
Installing CA certificate, please wait
CA certificate successfully
Hi!
I use freeipa-server 4.7.0~pre1+git20180411-2ubuntu2 on Ubuntu 18.04.4 LTS
I installed freeipa-serve in default mode ( ipa-server-install )
Now i try change certificate on Comodo as write in this article
https://www.freeipa.org/page/Using_3rd_part_certificates_for_HTTP/LDAP
my steps:
1
When execute ipa-certupdate get this :
ipapython.admintool: DEBUG: The ipa-certupdate command failed, exception:
KerberosError: No valid Negotiate header in server response
ipapython.admintool: ERROR: No valid Negotiate header in server response
ipapython.admintool: ERROR: The ipa-certupdate
Thank you
your advice helped me)
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
Hi!
I rebuild my server now I use Centos 8
I installed freeipa :
# ipa-server-install
and try to change self sign certificate on Comodo.
My steps:
- get root CA from gogetssl.com
- ipa-cacert-manage -p password -n ARAX -t C,, install /root/ca.crt
- ipa-certupdate
- ipa-server-certinstall -w -d
Hi!
I want create Encryption LVM and install Freeipa. In what directory freeipa
save all sensetive data ?
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Hi!
When i use command
ldapsearch -h ldap.exemple.com -p 389 -x -b dc=exemple,dc=com -L
I get all information about my instance without any authentication
How i can set authentication to this action ?
When i change port
ldapsearch -h ldap.exemple.com -p 636 -x -b dc=exemple,dc=com -L
I didnt
Hi!
I need create accounts for integrations with different system. I don`t wont use
standart accounts. So i tried create system user as discribe here
Use a system account, created like this:.
# ldapmodify -x -D 'cn=Directory Manager' -W
after this command i get
Enter LDAP Password: (witch
Hi!
I tried connect freeipa to Keycloak. And hove some questions about attribute
and filters
I filled in this way:
* Username LDAP attribute uid
* RDN LDAP attribute uid
* UUID LDAP attribute uid
* User Object Classes memberOf
* Connection URL ldap://ldap.example.com
* Users DN
Hi!
I use Freeipa VERSION: 4.8.0, API_VERSION: 2.233
I want use Freeipa as user store for other web services (like jira,
jenkins,gitlab etc). For security reasons we need 2 factor authentication. I
read about OTP in Freeipa but allmost post about host authentication ? How i
can setup OTP for
Yes it help, thank you!
Did you know can i restrict login without OTP ?
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
Hi!
Have the same issue with another Centos 8 server
I use CA witch i used successful on privius server
But here i get error after
ipa-cacert-manage -p 'password' -n ARAX -t C,, install /home/xattab/ca.crt
Installing CA certificate, please wait
Not a valid CA certificate: certutil:
Hi!
I try to setup replication.
Freeipa version - 4.8.0, API_VERSION: 2.233
I have installed free ipa server and tried connect replica as describe in
https://www.freeipa.org/page/V4/Replica_Setup
Aftet this command ipa-client-install --domain=example.test
--realm=EXAMPLE.TEST
Good day!
I setup integration Freeipa with Jamf. I mapped default user attributes from
Identity Settings like:
Job Title
First name
Last name
Email
In Jamf i have more user attributes (Department, Building). My question is
How i can mapping user attributes form Employee Information to
Good day!
I tried add windows host in Freeipa and get
04:05:59.302019 IP (tos 0x0, ttl 123, id 27536, offset 0, flags [none], proto
UDP (17), length 205)
cyberark-psm.exemple.com.54676 > ldap.exemple.com.kerberos: [udp sum ok] v5
04:05:59.303073 IP (tos 0x0, ttl 64, id 24242, offset 0,
15 matches
Mail list logo