On 02/25/2013 03:38 PM, Sigbjorn Lie wrote:
On Mon, February 25, 2013 12:59, Christian Horn wrote:
Hi,
On Mon, Feb 25, 2013 at 09:46:49AM +0100, Sigbjorn Lie wrote:
$ ipa dnszone-add example.com --name-server=ns01.example.com
--admin-email=hostmaster.example.com
ipa: ERROR: attribute
On 02/26/2013 09:01 AM, Umarzuki Mochlis wrote:
hi,
on tried to create a free-ipa replica on fedora 18 with
freeipa-server-3.1.2-1.fc18.x86_64
below is last few lines of /var/log/ipareplica-install.log
2013-02-25T16:16:33Z DEBUG retrieving schema for SchemaCache
On 02/25/2013 04:38 PM, Brian Smith wrote:
It seems that regardless of the global password expiry setting, that setting a
password via the methods
user-add
passwd
i will always have a password that expires in 90 days. I followed the
instructions here
2013/2/26 Martin Kosek mko...@redhat.com:
Hi Martin,
I found below on errors file
[26/Feb/2013:00:16:14 +0800] - 389-Directory/1.3.0.3 B2013.045.10 starting up
[26/Feb/2013:00:16:14 +0800] - Db home directory is not set. Possibly
nsslapd-directory (optionally nsslapd-db-home-directory) is
Hm, all these are usually benign, when we are just setting up a replication.
Can you please send me the whole ipareplica-install.log and dirsrv's errors log
so I can see these errors in a broader context? You can do it in private
message if you want.
Btw I assume that you are running on the
And what?
Is there any result? I try same thing with my AMM and IPA
В Пн., 05/11/2012 в 09:32 +0100, Petr Spacek пишет:
On 11/03/2012 01:12 PM, Pavel Zhukov wrote:
Can you do NS lookup of the IPA server from the AMM box?
yes
Can you do kinit from the AMM box against IPA?
Can you do
ok, but setting nsslapd-changelogmaxage parameter doesnt automatically
shrink changelog. The file size dosent change. Other idea how to trim
changelog file?
2013/2/25 Rich Megginson rmegg...@redhat.com
On 02/25/2013 11:33 AM, Kriss Von Prosst wrote:
Hi,
I have multimaster replication
On 26.2.2013 11:49, Артур Файзуллин wrote:
And what?
Is there any result? I try same thing with my AMM and IPA
Unfortunately, we don't have sufficient information to give you any advice.
Please, try to provide output from a sniffer as I asked in last reply. Then we
will try to help you. (You
On 23.2.2013 23:01, Dale Macartney wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/23/2013 09:47 PM, Dmitri Pal wrote:
On 02/23/2013 12:48 PM, Dale Macartney wrote:
Hi all
I've just performed a clean IPA installation and noticed that if you're
using integrated DNS,
On 02/26/2013 04:29 PM, Dmitri Pal wrote:
On 02/21/2013 12:31 PM, Dmitri Pal wrote:
On 02/21/2013 11:44 AM, Erinn Looney-Triggs wrote:
On 02/21/2013 09:40 AM, Rob Crittenden wrote:
Erinn Looney-Triggs wrote:
On 02/21/2013 09:34 AM, Rob Crittenden wrote:
Erinn Looney-Triggs wrote:
On
Sorry for the late response, so I tried this, and it changed the error to the
following:
Synchronizing time with KDC...
Joining realm failed: HTTP response code is 401, not 200
Installation failed. Rolling back changes.
Looking at debug this is what I see:
HTTP/1.1 401 Authorization
On 02/26/2013 10:29 AM, Dmitri Pal wrote:
On 02/21/2013 12:31 PM, Dmitri Pal wrote:
On 02/21/2013 11:44 AM, Erinn Looney-Triggs wrote:
On 02/21/2013 09:40 AM, Rob Crittenden wrote:
Erinn Looney-Triggs wrote:
On 02/21/2013 09:34 AM, Rob Crittenden wrote:
Erinn Looney-Triggs wrote:
On
On 02/26/2013 06:05 PM, Erinn Looney-Triggs wrote:
On 02/26/2013 10:29 AM, Dmitri Pal wrote:
On 02/21/2013 12:31 PM, Dmitri Pal wrote:
On 02/21/2013 11:44 AM, Erinn Looney-Triggs wrote:
On 02/21/2013 09:40 AM, Rob Crittenden wrote:
Erinn Looney-Triggs wrote:
On 02/21/2013 09:34 AM, Rob
On 02/26/2013 12:08 PM, Martin Kosek wrote:
On 02/26/2013 06:05 PM, Erinn Looney-Triggs wrote:
On 02/26/2013 10:29 AM, Dmitri Pal wrote:
On 02/21/2013 12:31 PM, Dmitri Pal wrote:
On 02/21/2013 11:44 AM, Erinn Looney-Triggs wrote:
On 02/21/2013 09:40 AM, Rob Crittenden wrote:
Erinn
On 02/26/2013 06:10 PM, Erinn Looney-Triggs wrote:
On 02/26/2013 12:08 PM, Martin Kosek wrote:
On 02/26/2013 06:05 PM, Erinn Looney-Triggs wrote:
On 02/26/2013 10:29 AM, Dmitri Pal wrote:
On 02/21/2013 12:31 PM, Dmitri Pal wrote:
On 02/21/2013 11:44 AM, Erinn Looney-Triggs wrote:
On
Hi,
I have a IPA server, NFS4 Server sharing home directories with autofs and krb5p
as only valid authentication.
Mail Postfix/Dovecot both with startTLS and GSSAPI.
All servers and clients are Red Hat 6.3 and updated with latest kernel and
everything else.
If i start and log in locally as
On 02/26/2013 01:31 AM, Trey Dockendorf wrote:
On Feb 25, 2013 1:23 AM, Dmitri Pal d...@redhat.com
mailto:d...@redhat.com wrote:
On 02/23/2013 10:33 PM, Trey Dockendorf wrote:
I just begun evaluating FreeIPA, after having successfully used 389ds
for a few months. The move from 389
I know that at some point the sssd package (or maybe the tools
package) started including sss_cache for managing the sssd cache. I
have some RHEL5 boxes that don't have this utility.
I've been stopping the sssd service, deleting the contents of
/var/lib/sss/db/ and then restarting and things
On 02/25/2013 02:29 PM, Mercer, Rodney wrote:
I think that this is a good explanation or the solaris rbac model.
http://www.softpanorama.org/Solaris/Security/solaris_rbac.shtml
Regards,
Rodney.
I will definitely read it. But assume I did.
What are the next steps?
The schema is the right one
On 02/26/2013 02:29 PM, KodaK wrote:
I know that at some point the sssd package (or maybe the tools
package) started including sss_cache for managing the sssd cache. I
have some RHEL5 boxes that don't have this utility.
I've been stopping the sssd service, deleting the contents of
Hi,
Its what I have to do on most client side issues and what RH support advise. I
was told that the sssd daemon would be upgraded in 6.4, its certainly seems to
be my main pain point right now.
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064
On 02/25/2013 09:58 AM, Guy Matz wrote:
Hello! Does anyone out there run two instances of freeipa, prod
non-prod instances? Are there any issues to be wary of in this
scenario? Any gotchas? Do you use the same realms domain names
between instances?
As long as you completely isolate one
Thanks! Is it a matter of isolating the networks? Or just making sure
clients are pointing to the correct server?
Thanks again,
Guy
On 02/26/2013 02:45 PM, Dmitri Pal wrote:
On 02/25/2013 09:58 AM, Guy Matz wrote:
Hello! Does anyone out there run two instances of freeipa, prod
non-prod
On Tue, Feb 26, 2013 at 02:36:42PM -0500, Dmitri Pal wrote:
On 02/26/2013 02:29 PM, KodaK wrote:
I know that at some point the sssd package (or maybe the tools
package) started including sss_cache for managing the sssd cache. I
have some RHEL5 boxes that don't have this utility.
I've
Hi All,
Spec:
Red Hat Enterprise Linux Server release 6.3 (Santiago)
ipa-server-2.2.0-16.el6.x86_64
Issue:
I made a post a while back regarding IPA and the forcing of the hostname
to be a FQDN entry, rather than utilising `hostname --fqdn`
ref:
Ok! I will try :) but would you give me some advice :) what configs to
put. should I use:
* Use LDAP Servers for Authentication and Authorization
* Use DNS to find LDAP Servers
and put here domain name if IPA-server?
* should in Active Directory Settings Enhanced role-based security be
Is is still required if the replica is created using the following command:-
# ipa-replica-install --setup-ca --setup-dns
--
Regards,
Rajnesh Kumar Siwal
___
Freeipa-users mailing list
Freeipa-users@redhat.com
What does it mean to have several domains listed in sssd.conf ? Will
they all be queried on each login, or will only the first domain be
queried if the user/groups is found there?
Does having an IPA domain, and an LDAP domain pointing at the same
servers give any protection against failures in
28 matches
Mail list logo