Hi,
For our servers, I test in Puppet for the existence of files under /var/lib/ipa
(for IPA servers) or /var/lib/ipa-client/ (for everything else).
Specifically, /var/lib/ipa{-client}/sysrestore/sysrestore.index should exist if
IPA setup has been run, and should not exist if IPA uninstall has
Hi all,
We have a number of CentOS 7 hosts enrolled with FreeIPA, and I have noticed
the ldap.conf on some hosts has two separate URI lines, similar to this:
URI ldaps://ipa.example.com
BASE dc=example,dc=com
TLS_CACERT /etc/ipa/ca.crt
URI https://ipa.example.com
This caused our configuration m
Hi,
By default the web UI tries network authentication for users before the page
displays.
The GSS error below indicates that initial negotiation fails, so no pop-up
window appears, and the UI doesn't load after that.
Have you tried using different browsers?
Have you also tried an install
Hi all,
My work is taking another look at options to enable user management with a
number of third party online services. Primarily to use with AWS, Github, and
Datadog.
I have been looking at options such as the new AWS SSO product, OneLogin, Okta,
etc
Is anyone using FreeIPA with one of the
On 13 June 2017 5:01:31 AM NZST, Jochen Hein via FreeIPA-users
wrote:
>
>Hallo,
>
>Dagan McGregor via FreeIPA-users
>writes:
>
>> I have been asked to configure FreeIPA 4.4 servers to handle VPN
>
>What kind of VPN do you use? What client do you use?
>
>
Hello,
I have been asked to configure FreeIPA 4.4 servers to handle VPN authentication
using a FreeRADIUS server, with 2FA being generated by a Yubikey given to each
user.
The existing radius server configuration uses PAM sssd and yubico modules with
a static file for the Yubikeys, and works