Re: [Freeipa-users] IPA Query Tuning and a Recovery Question

On 09/26/2013 12:00 AM, Charlie Derwent wrote: On Mon, Sep 16, 2013 at 3:21 PM, Rob Crittenden rcrit...@redhat.com mailto:rcrit...@redhat.com wrote: [...] http://freeipa.org/page/__TroubleshootingGuide#Replica___Re-Initialization

[Freeipa-users] Error trying to enroll new client

# ipa-client-install --enable-dns-updates --mkhomedir Discovery was successful! Hostname: os105.foo.net Realm: FOO.NET DNS Domain: foo.net IPA Server: osipa.foo.net BaseDN: dc=foo,dc=net Continue to configure the system with these values? [no]: yes User authrozied to enroll computers: admin

Re: [Freeipa-users] Force IPA to accept password?

On 09/26/2013 01:05 PM, Innes, Duncan wrote: Hi, Can I force IPA to accept a new password that I have chosen? What password do you have in mind? A password of an IPA user? Today I've had to change my password in 2x AD domains and other places according to policy. I've done this. But

[Freeipa-users] ipa service-add failing

Hello, I'm trying to create a secure NFS server so I need to add a service to the IPA server, but is failing $ kinit admin $ ipa service-add nfs/redhat-14.nfsv4bat.org ipa: ERROR: cannot connect to 'https://batman.nfsv4bat.org/ipa/xml': Internal Server Error $ I'm not asking what the problem

Re: [Freeipa-users] Force IPA to accept password?

Here's what I had to do: http://www.freeipa.org/page/PasswordSynchronization On Thu, Sep 26, 2013 at 10:35 AM, KodaK sako...@gmail.com wrote: As far as I can tell, password policy is enforced on the client side, not the directory side. I set up a self-service password reset utility which

Re: [Freeipa-users] Force IPA to accept password?

On Thu, Sep 26, 2013 at 02:58:43PM +0100, Innes, Duncan wrote: Sorry, -Original Message- From: Martin Kosek [mailto:mko...@redhat.com] Sent: 26 September 2013 14:29 To: Innes, Duncan Cc: freeipa-users@redhat.com Subject: Re: [Freeipa-users] Force IPA to accept password?

Re: [Freeipa-users] TLSA records in FreeIPA

On 09/24/2013 12:06 PM, Petr Spacek wrote: On 24.9.2013 19:23, Erinn Looney-Triggs wrote: I wanted to bring up the idea of integrating TLSA records into FreeIPA so that a host that is issued a certificate for say the web server (via dogtag) would also publish that information in DNS using a

[Freeipa-users] Accessing IPA servers on no-standard port

Hello, I have basic configuration question, my apologies if it has already been discussed. I have ipa-server-3 server installed with default parameters with replication. We have Linux machines across different geo location and I would like to integrate them into IPA server, however, I don't

Re: [Freeipa-users] Accessing IPA servers on no-standard port

Chandan Kumar wrote: Hello, I have basic configuration question, my apologies if it has already been discussed. I have ipa-server-3 server installed with default parameters with replication. We have Linux machines across different geo location and I would like to integrate them into IPA

[Freeipa-users] FreeIPA Master Slave Setup Client Configuration

Hi, We have setup FreeIPA within our environment the setup is master slave. We want to know how we can configure clients to look to slave incase master server is no available to authenticate the user. Regards, Mohan Cheema ___ Freeipa-users

Re: [Freeipa-users] Accessing IPA servers on no-standard port

Hi Rob, Thanks for the info. Sure I will create the ticket and will certainly try to pick the low-hanging fruit :-) -- http://about.me/chandank On Thu, Sep 26, 2013 at 7:51 PM, Rob Crittenden rcrit...@redhat.com wrote: Chandan Kumar wrote: Hello, I have basic configuration question, my