Probably, this question is been asked before
I try to register an IPA client but get the following error.
(primary kerberos are AD hosts, so I use --server etc)
What can be wrong? The necessary firewall ports are opened
ipa-client-install --server testclient03 --domain example.org
root
Solved. --server also needs FQDN
I've to think twice before posting ;-)
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
Dear List,
We dumped our existing LDAP users into AD using a powershell script.
When creating the users with powershell, the Name: field gets populated
with the username (eg. abogar).
However if creating a user with the dsa.msc the Name: field get
populated with the fullname (eg. Attila
On Thu, 2011-06-23 at 13:48 +0100, Attila Bogár wrote:
When I change a user's full name in IPA, usermod --cn=New Name, IPA
pushes back the full name into the (read-only) Name: attribute
succesfully.
So this workaround does exactly what I want, though I'm wondering if
anyone knows what
El mar, 21-06-2011 a las 16:02 +0200, Adam Tkac escribió:
On 06/21/2011 03:51 PM, Loris Santamaria wrote:
El mar, 21-06-2011 a las 12:12 +0200, Adam Tkac escribió:
On 06/16/2011 09:38 PM, Loris Santamaria wrote:
El jue, 16-06-2011 a las 11:27 -0400, Simo Sorce escribió:
On Thu, 2011-06-16
My new freeipa installation is working (server + kinit on a host where
I configured krb5.conf manually)
but ipa-client-install gives the typical Kerberos error:
kinit: Client not found in Kerberos database while getting initial credentials
Both hosts are resolvable
On 06/23/2011 08:35 AM, Attila Bogár wrote:
Hi,
When I apply the following ldif, the custom fields are not appearing
on the web interface (ipa restart doesn't help).
-- 8 --
dn: cn=ipaConfig,cn=etc,dc=linguamatics,dc=com
changetype: modify
replace: ipaCustomFields
ipaCustomFields: Employee
Hi,
I deleted more than 50 users from AD and expected IPA to do the same.
However the EXAMPLE-COM 389-ds instance just crashed and I can't start
it anymore.
Could you please help with this issue?
The error logging is set to REPL|PLUGIN.
I can see the following in error log:
tail
Hi,
On 23/06/11 14:04, Simo Sorce wrote:
The Full Name field is not read-only in AD.
It is exactly the attribute in which you are supposed to put the user's
Full Name.
There are 3 fields, namely: name, displayName and cn.
I can see, that IPA was changing the cn and name fields.
If you start
On 06/23/2011 09:06 AM, Rich Megginson wrote:
On 06/23/2011 08:02 AM, Attila Bogár wrote:
Hi,
I deleted more than 50 users from AD and expected IPA to do the same.
However the EXAMPLE-COM 389-ds instance just crashed and I can't
start it anymore.
Could you please help with this issue?
The
On Thu, 2011-06-23 at 15:26 +0200, Pieter Baele wrote:
My new freeipa installation is working (server + kinit on a host where
I configured krb5.conf manually)
but ipa-client-install gives the typical Kerberos error:
kinit: Client not found in Kerberos database while getting initial
On Wed, Jun 22, 2011 at 10:49 PM, Rob Crittenden rcrit...@redhat.comwrote:
Charlie Derwent wrote:
Hi
I'm running FreeIPA server on F14 and connecting to a F14 client. When I
run ipa-client-install (via kickstart or after the client has installed)
I'm getting the following error message.
Charlie Derwent wrote:
On Wed, Jun 22, 2011 at 10:49 PM, Rob Crittenden rcrit...@redhat.com
mailto:rcrit...@redhat.com wrote:
Charlie Derwent wrote:
Hi
I'm running FreeIPA server on F14 and connecting to a F14
client. When I
run ipa-client-install (via
Pieter Baele wrote:
My new freeipa installation is working (server + kinit on a host where
I configured krb5.conf manually)
but ipa-client-install gives the typical Kerberos error:
kinit: Client not found in Kerberos database while getting initial credentials
Both hosts are resolvable
I'd
Wow this looks like a huge improvement...I can see my next few days is booked.
More pictures showing how to do things please
regards
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
On Thu, 2011-06-23 at 21:17 +, Steven Jones wrote:
Hi,
looking at sssd enforcing the HBAC, is it possible to [easily] or even
possible to achieve the same thing with say openlap or 389?
Right now, the SSSD is making certain assumptions that the server
providing the HBAC rules is an IPA
Hi,
I didnt really mean point sssd at something else besides IPA, but where any
other package can do what sssd and HBAC can achieve
In a way I'm looking to justify why we buy IPA as opposed to connecting
directly to AD or using something like Likewise.
regards
On 06/23/2011 06:08 PM, Steven Jones wrote:
Hi,
I didnt really mean point sssd at something else besides IPA, but where any
other package can do what sssd and HBAC can achieve
In a way I'm looking to justify why we buy IPA as opposed to connecting
directly to AD or using something
On Thu, Jun 23, 2011 at 6:54 PM, Rob Crittenden rcrit...@redhat.com wrote:
Charlie Derwent wrote:
On Wed, Jun 22, 2011 at 10:49 PM, Rob Crittenden rcrit...@redhat.com
mailto:rcrit...@redhat.com wrote:
Charlie Derwent wrote:
Hi
I'm running FreeIPA server on F14 and
Steven Jones wrote, on 06/23/2011 05:16 PM:
Wow this looks like a huge improvement...I can see my next few days is booked.
More pictures showing how to do things please
For you, I'll do it! But only for you. :)
Actually, it's already on my project to-do list. FreeIPAv2.1 is having a
20 matches
Mail list logo