There is IPA provider, but no sssd_pac module.
[service_startup_handler] (0x0010): Could not exec /usr/lib/sssd/sssd_pac
--debug-to-files, reason: No such file or directory
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscr
On ti, 12 syys 2017, Igor Sever via FreeIPA-users wrote:
Unfortunately, I cannot upgrade systems and packages as I want because of
legacy applications.
Is there somewhere information how would I approach to configure SSSD
to use FreeIPA as Kerberos and LDAP provider and for policies to work?
I c
Unfortunately, I cannot upgrade systems and packages as I want because of
legacy applications.
Is there somewhere information how would I approach to configure SSSD to use
FreeIPA as Kerberos and LDAP provider and for policies to work? I can only find
where access is enforced with LDAP filter in
On (11/09/17 07:42), Igor Sever via FreeIPA-users wrote:
>Can I use FreeIPA as Kerberos and LDAP provider (not as IPA) and still use
>policies somehow?
Yes you can, but sssd-1.11.5.1 was quite broken and contained many bugs.
1.11.8 should be much better but from sssd upstream POV 1.13 is long ter
Can I use FreeIPA as Kerberos and LDAP provider (not as IPA) and still use
policies somehow?
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
sssd-krb5-common-1.11.5.1-14.1.x86_64
sssd-32bit-1.11.5.1-28.1.x86_64
sssd-ad-1.11.5.1-14.1.x86_64
sssd-ipa-1.11.5.1-14.1.x86_64
python-sssd-config-1.11.5.1-14.1.x86_64
sssd-1.11.5.1-14.1.x86_64
sssd-tools-1.11.5.1-14.1.x86_64
sssd-krb5-1.11.5.1-14.1.x86_64
sssd-ldap-1.11.5.1-14.1.x86_64
ipa-client
> On 10 Sep 2017, at 16:36, Igor Sever via FreeIPA-users
> wrote:
>
> It looks like my problems with AD trust on server side went away when I
> upgraded to FreeIPA 4.5 using Centos 7.4 packages, but unfortunately this is
> only half of the way.
> I have alot of SLES servers 11 and 12, but it
It looks like my problems with AD trust on server side went away when I
upgraded to FreeIPA 4.5 using Centos 7.4 packages, but unfortunately this is
only half of the way.
I have alot of SLES servers 11 and 12, but it looks like SSSD that comes with
SLES is not fully featured as RHEL or Centos.
On to, 03 elo 2017, Igor Sever via FreeIPA-users wrote:
I didn’t specify any ID range. This was all done automagically by
setup. I read a lot of documentation, and I can’t remember that ever
been mentioned. We indeed had NIS at some point, but this is not
supported any more by MS, and FreeIPA sho
I didn’t specify any ID range. This was all done automagically by setup. I read
a lot of documentation, and I can’t remember that ever been mentioned. We
indeed had NIS at some point, but this is not supported any more by MS, and
FreeIPA should not just presume that we have gidNumber on all acco
On ke, 02 elo 2017, Igor Sever via FreeIPA-users wrote:
There is no gidNumber attribute on AD group objects. If I want to apply
posix attributes directly in AD, then I don't need FreeIPA, do I...
https://blogs.technet.microsoft.com/activedirectoryua/2016/02/09/identity-management-for-unix-idmu-is
On Wed, Aug 02, 2017 at 11:40:46AM -, Igor Sever via FreeIPA-users wrote:
> There is no gidNumber attribute on AD group objects. If I want to apply
> posix attributes directly in AD, then I don't need FreeIPA, do I...
Many users and customers have an existing environment where some
machines ar
On 08/02/2017 07:40 AM, Igor Sever via FreeIPA-users wrote:
There is no gidNumber attribute on AD group objects. If I want to apply posix
attributes directly in AD, then I don't need FreeIPA, do I...
https://blogs.technet.microsoft.com/activedirectoryua/2016/02/09/identity-management-for-unix-id
There is no gidNumber attribute on AD group objects. If I want to apply posix
attributes directly in AD, then I don't need FreeIPA, do I...
https://blogs.technet.microsoft.com/activedirectoryua/2016/02/09/identity-management-for-unix-idmu-is-deprecated-in-windows-server/
It is obvious that FreeIPA
On Tue, Aug 01, 2017 at 11:20:16AM -, Igor Sever via FreeIPA-users wrote:
> I have the same error.
> I established two-way trust with AD which went fine.
> Authentication with Kerberos to AD is working.
> Since I have one test FreeIPA which is working correctly (relatively) I
> compared logs a
I have the same error.
I established two-way trust with AD which went fine.
Authentication with Kerberos to AD is working.
Since I have one test FreeIPA which is working correctly (relatively) I
compared logs and pinpointed problem to strange LDAP search which is FreeIPA
sending to DC:
(&(sAMAcco
On Tue, Jul 25, 2017 at 10:12:38AM -0400, Jason Hensley via FreeIPA-users wrote:
> On Tue, Jul 25, 2017 at 2:29 AM, Jakub Hrozek via FreeIPA-users <
> freeipa-users@lists.fedorahosted.org> wrote:
>
> > On Mon, Jul 24, 2017 at 04:25:14PM -0400, Jason Beck via FreeIPA-users
> > wrote:
> > > On Mon,
On Tue, Jul 25, 2017 at 2:29 AM, Jakub Hrozek via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:
> On Mon, Jul 24, 2017 at 04:25:14PM -0400, Jason Beck via FreeIPA-users
> wrote:
> > On Mon, Jul 24, 2017 at 2:53 PM, Jason Beck
> wrote:
> >
> > > On Mon, Jul 24, 2017 at 2:23 PM, Jaku
On Mon, Jul 24, 2017 at 04:25:14PM -0400, Jason Beck via FreeIPA-users wrote:
> On Mon, Jul 24, 2017 at 2:53 PM, Jason Beck wrote:
>
> > On Mon, Jul 24, 2017 at 2:23 PM, Jakub Hrozek wrote:
> >
> >> On Mon, Jul 24, 2017 at 01:53:20PM -0400, Jason Beck wrote:
> >> > On Mon, Jul 24, 2017 at 9:25 A
On Mon, Jul 24, 2017 at 2:53 PM, Jason Beck wrote:
> On Mon, Jul 24, 2017 at 2:23 PM, Jakub Hrozek wrote:
>
>> On Mon, Jul 24, 2017 at 01:53:20PM -0400, Jason Beck wrote:
>> > On Mon, Jul 24, 2017 at 9:25 AM, Jakub Hrozek
>> wrote:
>> >
>> > > On Mon, Jul 24, 2017 at 09:05:59AM -0400, Jason Bec
On Mon, Jul 24, 2017 at 2:23 PM, Jakub Hrozek wrote:
> On Mon, Jul 24, 2017 at 01:53:20PM -0400, Jason Beck wrote:
> > On Mon, Jul 24, 2017 at 9:25 AM, Jakub Hrozek
> wrote:
> >
> > > On Mon, Jul 24, 2017 at 09:05:59AM -0400, Jason Beck wrote:
> > > > On Jul 24, 2017 4:14 AM, "Jakub Hrozek via F
On Mon, Jul 24, 2017 at 9:25 AM, Jakub Hrozek wrote:
> On Mon, Jul 24, 2017 at 09:05:59AM -0400, Jason Beck wrote:
> > On Jul 24, 2017 4:14 AM, "Jakub Hrozek via FreeIPA-users" <
> > freeipa-users@lists.fedorahosted.org> wrote:
> >
> > > On Fri, Jul 21, 2017 at 03:43:58PM -0400, Jason Beck via Fr
On Mon, Jul 24, 2017 at 01:53:20PM -0400, Jason Beck wrote:
> On Mon, Jul 24, 2017 at 9:25 AM, Jakub Hrozek wrote:
>
> > On Mon, Jul 24, 2017 at 09:05:59AM -0400, Jason Beck wrote:
> > > On Jul 24, 2017 4:14 AM, "Jakub Hrozek via FreeIPA-users" <
> > > freeipa-users@lists.fedorahosted.org> wrote:
On Jul 24, 2017 4:14 AM, "Jakub Hrozek via FreeIPA-users" <
freeipa-users@lists.fedorahosted.org> wrote:
> On Fri, Jul 21, 2017 at 03:43:58PM -0400, Jason Beck via FreeIPA-users
> wrote:
> > I have been trying to reliably get an AD trust setup for a few weeks and
> no
> > matter what I try, when I
On Mon, Jul 24, 2017 at 09:05:59AM -0400, Jason Beck wrote:
> On Jul 24, 2017 4:14 AM, "Jakub Hrozek via FreeIPA-users" <
> freeipa-users@lists.fedorahosted.org> wrote:
>
> > On Fri, Jul 21, 2017 at 03:43:58PM -0400, Jason Beck via FreeIPA-users
> > wrote:
> > > I have been trying to reliably get
On Fri, Jul 21, 2017 at 03:43:58PM -0400, Jason Beck via FreeIPA-users wrote:
> I have been trying to reliably get an AD trust setup for a few weeks and no
> matter what I try, when I goto add AD users to an external group in
> FreeIPA, I get:
>
> "trusted domain object not found"
>
> Googling ar
26 matches
Mail list logo