[Freeipa-users] Re: How to allow users to manage their own certs

2020-01-03 Thread Michael Plemmons via FreeIPA-users
Flo, Thank you for the help. That is exactly what I needed. I was able to successfully set up an ACL. On Fri, Dec 27, 2019 at 12:22 PM Florence Blanc-Renaud wrote: > On 12/24/19 2:53 PM, Michael Plemmons via FreeIPA-users wrote: > > We have a need where we want to allow a user

[Freeipa-users] How to allow users to manage their own certs

2019-12-24 Thread Michael Plemmons via FreeIPA-users
We have a need where we want to allow a user to submit their own CSR to generate their own SSL certificate and to be able to download their own certificate. I get the following error: Insufficient access: Principal 'testp...@mgmt.example.com' is not permitted to use CA 'ipa' with profile

[Freeipa-users] Re: Yum Update - Failed to authenticate to CA REST API - Past Fixes Don't Work

2019-12-23 Thread Michael Plemmons via FreeIPA-users
LeOL8uHTw2LHpc2onke96as9kQxhCLGgFmcC7U5EzqbXQqbT0/nCfkOVSh37xwTLK6YneJsfFlU8VbIoH0u/EK1rDdLvINo1ZmFv08kkCUirreECTetw== description: 2;234;CN=Certificate Authority,O=MGMT.CROSSCHX.COM;CN=IPA RA,O= MGMT.CROSSCHX.COM --- ipa-server-upgrade on failing replica The upgrade succeeded On Mon, Dec 23, 2019 at 11:54 AM

[Freeipa-users] Yum Update - Failed to authenticate to CA REST API - Past Fixes Don't Work

2019-12-23 Thread Michael Plemmons via FreeIPA-users
I am updating from 4.6.4-10 to 4.6.5-11 on CentOS 7. The server I am working on is one of three in a production cluster. The yum update failed and I get the Failed to authenticate to CA REST API in the ipa upgrade log. I have followed past emails that state the contents of ldapsearch -D

[Freeipa-users] Re: openvpn authenticating to freeipa

2017-12-06 Thread Michael Plemmons via FreeIPA-users
Have you taken a look at this? https://github.com/OpenVPN/openvpn/tree/master/src/plugins/auth-pam That is a plugin we have on our OpenVPN server which is backed by FreeIPA. In our OpenVPN server conf file we have a line that looks like this. plugin

[Freeipa-users] Re: FreeIPA & wireless

2017-11-15 Thread Michael Plemmons via FreeIPA-users
ewm...@yahoo.com> wrote: > For the newer macbooks (High Sierra) how did you get around the TLS 1.2 > requirement? Did you generate a SSL cert and publish that to the RADIUS > server? > > > > On Tuesday, November 14, 2017 9:54 AM, Michael Plemmons via FreeIPA-users < > fre

[Freeipa-users] Re: FreeIPA & wireless

2017-11-14 Thread Michael Plemmons via FreeIPA-users
> On Monday, November 13, 2017 2:35 PM, Michael Plemmons via FreeIPA-users < > freeipa-users@lists.fedorahosted.org> wrote: > > > Our entire office is Macbooks. > > > > > *Mike Plemmons | Senior DevOps Engineer | CrossChx* > 614.427.2411 > mike.plemm...@c

[Freeipa-users] Re: FreeIPA & wireless

2017-11-13 Thread Michael Plemmons via FreeIPA-users
r 13, 2017 2:07 PM, Michael Plemmons via FreeIPA-users < > freeipa-users@lists.fedorahosted.org> wrote: > > > In order for us to make it work, I had to set up a RADIUS (FreeRadius) > server which uses FreeIPA as its backend. Our WiFi access point is > configured to point

[Freeipa-users] Re: FreeIPA & wireless

2017-11-13 Thread Michael Plemmons via FreeIPA-users
In order for us to make it work, I had to set up a RADIUS (FreeRadius) server which uses FreeIPA as its backend. Our WiFi access point is configured to point to the RADIUS server. I had to make sure the AD trust package was installed on the FreeIPA server in order for the proper security