[Freeipa-users] Re: Can Load balanced HTTP service use kerberos authentication?

I've used shared keytabs before to create a loadbalanced squid instance. This way you don't even need to use sticky balancing since all nodes that have the key material will be able to decrypt TGSs for the shared service. Be sure to use the -r option with ipa-getkeytab, otherwise the secret

[Freeipa-users] Re: Free IPA trust based AD users are not prompted for smart card pin.

I believe you need to set them up in the "Default Trust View" within IPA Verzonden vanaf mijn Samsung-apparaat Oorspronkelijk bericht Van: Frank Rey via FreeIPA-users Datum: 25-07-17 03:46 (GMT+01:00) Aan: FreeIPA users list

[Freeipa-users] Re: admin account locked due to external ssh authentication attempts

Configure SSSD on that client with [nss] filter_users = root, admin Verzonden vanaf mijn Samsung-apparaat Oorspronkelijk bericht Van: peter--- via FreeIPA-users Datum: 19-06-17 16:09 (GMT+01:00) Aan:

[Freeipa-users] Re: Ansible and ipa-client-install

Hi, For our puppet profile we use ipa-client-install unless the file /etc/ipa/default.conf exists (which is created by ipa-client-install), this should work for ansible as well. The creates option in both puppet exec and ansible shell modules seem to serve the same purpose in that regard.