Is there something equivalent to 'getattr' for ipa host-mod?
I see setattr, addattr and delattr but to get attributes you have to do
host-show --all. There is no way to ask for one specific attribute?
Thanks,
Brian
___
Freeipa-users mailing list
On 03/21/2013 06:59 AM, Brian Cook wrote:
Is there something equivalent to 'getattr' for ipa host-mod?
I see setattr, addattr and delattr but to get attributes you have to do
host-show --all. There is no way to ask for one specific attribute?
Thanks,
Brian
No, I am afraid there is
On 21.3.2013 10:15, Martin Kosek wrote:
On 03/21/2013 06:59 AM, Brian Cook wrote:
Is there something equivalent to 'getattr' for ipa host-mod?
I see setattr, addattr and delattr but to get attributes you have to do
host-show --all. There is no way to ask for one specific attribute?
I would
Serverdefault has a hack for supporting nested groups on
RHEL5/apache-2.2 involving a ldap filter using
LDAP_MATCHING_RULE_IN_CHAIN on Active Directory, ref:
http://serverfault.com/a/424706
Does anybody know if a similar filter can be created for an with
IPA/389ds backend ?
-jf
On Thu, Mar 21, 2013 at 11:43:55AM +0100, Jan-Frode Myklebust wrote:
On Wed, Mar 20, 2013 at 02:29:07PM +0100, Jakub Hrozek wrote:
I think pasting or attaching SSSD logs would be a good start. Can you
put debug_level = 6 into your sssd.conf into the [pam] and [domain]
sections restart
I installed freeipa from the Fedora 18 repo and then ran the
freeipa-server-install with the proper parameters. Installation seems to be
successful but the http (80) and ldap (389) services are not listening on the
ipv4 interface. I confirmed that the /etc/hosts file contains a proper entry
HI!
I have configured sssd_sudo integration on EL6.4 and it works nice!
But then I've checked this:
[afaizullin@domen00 ~]$ sudo package-cleanup --leaves
[sudo] password for afaizullin:
Loaded plugins: fastestmirror
libertas-usb8388-firmware-5.110.22.p23-3.1.el6.noarch
Hello,
I'm currently in the processing of installing/configuring IPA 2.2.0-16 on a
Red Hat 6.4 Server and I'm running into some issues trying to get IPA to
replicate to a Windows 2003 SP2 DC.
Here is the steps I took (I used the Red Hat Identity Management Guide)
1) Create idmpasssync
On 03/21/2013 12:37 PM, Joseph, Matthew (EXP) wrote:
Hello,
I'm currently in the processing of installing/configuring IPA 2.2.0-16
on a Red Hat 6.4 Server and I'm running into some issues trying to
get IPA to replicate to a Windows 2003 SP2 DC.
Here is the steps I took (I used the Red Hat
Hey Rich,
Tried the command you listed below and it says ldap_bind: Invalid Credentials
(49)
If I take away the -w 'WindowsIDMPassSyncPW' then it will bring back the
results of the LDAP search.
From: Rich Megginson [mailto:rmegg...@redhat.com]
Sent: Thursday, March 21, 2013 4:12 PM
To: Joseph,
On 03/21/2013 01:26 PM, Joseph, Matthew (EXP) wrote:
Hey Rich,
Tried the command you listed below and it says ldap_bind: Invalid
Credentials (49)
This means you have the wrong password.
If I take away the --w 'WindowsIDMPassSyncPW' then it will bring back
the results of the LDAP search.
Hey Rich,
I've changed the password multiple times now and it's still not accepting the
password. I've even set it as simple as password.
I forgot to mention in my initial post that my domain looks more like this.
Domain1.domain2.ca
So my command looks like
On 03/21/2013 01:45 PM, Joseph, Matthew (EXP) wrote:
Hey Rich,
I've changed the password multiple times now and it's still not
accepting the password. I've even set it as simple as password.
I forgot to mention in my initial post that my domain looks more like
this.
Domain1.domain2.ca
I'm not sure what happened here. The log dir for pki-ca was completely
empty. I restarted pki-ca, the log files were created, and it appeared
to operate normally.
I rebuilt the box from scratch (just to have a clean start) and
everything came up perfectly fine.
-Patrick
On 2013/20/03 12:54, Ade
Miller, Kevin R wrote:
I am able to connect to the web server (80) from the localhost but that is
because it uses loopback to connect to the ipv6 listener. I can telnet to 389
on localhost but again this is due to loopback.
Right, but what about 127.0.0.1, for example? Or the IPv4 address.
Miller, Kevin R wrote:
I went down that route because when I run the ipa_client_install it says that
my IPA server is incorrect and to ensure that I have the required ports open. I
disabled iptables and placed selinux into permissive mode. I attempted
externally to connect to the necessary
On Thu, Mar 21, 2013 at 03:29:38PM +0100, Jakub Hrozek wrote:
I see several failures related to the SELinux processing:
---
(Thu Mar 21 08:23:57 2013) [sssd[be[example.net]]]
[ipa_selinux_get_maps_done] (0x0400): No SELinux user maps found!
(Thu Mar 21 08:23:57 2013)
On Wed, Mar 20, 2013 at 7:54 PM, Simo Sorce s...@redhat.com wrote:
You should have given the pwm user 'password sync' privileges.
See this: http://www.freeipa.org/page/PasswordSynchronization
I remember what my problem with PWM was now: it wants to go out and
retrieve something from the cloud
Jan-Frode Myklebust wrote:
On Thu, Mar 21, 2013 at 03:29:38PM +0100, Jakub Hrozek wrote:
I see several failures related to the SELinux processing:
---
(Thu Mar 21 08:23:57 2013) [sssd[be[example.net]]] [ipa_selinux_get_maps_done]
(0x0400): No SELinux user maps found!
(Thu Mar 21
Miller, Kevin R wrote:
There is still and iptables rule set but I disabled the service with a
chkconfig iptables off and a chkconfig ip6tables off. I also did a chkconfig
firewalld off. I just verified that each was still disabled with a service
iptables status and repeated for the other
On Thu, Mar 21, 2013 at 05:25:57PM -0400, Rob Crittenden wrote:
ipa : ERRORUpdate failed: Object class violation: attribute
ipaSELinuxUserMapOrder not allowed
so I suspect there are some problem with our LDAP schema. That might be
related to the No SELinux user maps found
- Original Message -
From: Dmitri Pal d...@redhat.com
To: freeipa-users@redhat.com
Sent: Wednesday, March 20, 2013 7:29 PM
Subject: Re: [Freeipa-users] Mail Challenge Password Reset
On 03/20/2013 07:23 PM, Michael ORourke wrote:
We have a POC with PWM and a testIPA server running
- Original Message -
From: KodaK sako...@gmail.com
To: Michael ORourke mrorou...@earthlink.net
Cc: freeipa-users@redhat.com
Sent: Wednesday, March 20, 2013 8:35 PM
Subject: Re: [Freeipa-users] Mail Challenge Password Reset
On Wed, Mar 20, 2013 at 6:23 PM, Michael ORourke
I had sudo issues similar to this, I can't remember the exact fix. I have the
following two things in my notes. The second command would obviously need you
to add the people you want to be able to sudo to the admins group after you add
this.
yum install ipa-client fprintd-pam -y
echo
Those packages are installed. The second part is against what I am trying to
accomplish. My sudo rule is already created in IPA. I just need SSSD to fetch
it.
Thanks,
Brian
On Mar 21, 2013, at 8:37 PM, John Moyer john.mo...@digitalreasoning.com wrote:
I had sudo issues similar to this, I
Sorry that's all I have in my notes. I'm sure others will have ideas. Sorry
I couldn't be more help.
Thanks,
_
John Moyer
On Mar 21, 2013, at 11:50 PM, Brian Cook bc...@redhat.com wrote:
Those packages are installed. The second part is
26 matches
Mail list logo