On 03/08/2014 07:39 AM, rashard.ke...@sita.aero wrote:
Hello all!!
I cannot get a RHEL5.10 client to install!
[root@hostname ~]# ipa-client-install --hostname=hostname.domain.com
--no-ntp --ca-cert-file=/etc/ipa/ca.crt
DNS domain 'doman.com' is not configured for automatic KDC address
On 7.3.2014 16:57, Dmitri Pal wrote:
On 03/07/2014 10:29 AM, artj...@free.fr wrote:
Selon Petr Spacekpspa...@redhat.com:
On 7.3.2014 14:16,artj...@free.fr wrote:
I want to install ipa server with a replica. The replica has 2 NICs
: the
ipa
server is connected on the first
Hello all,
I'm migrating our OpenLDAP-based IdM-system to IPA. Instead of using
migrate-ds I used some custom scripts to import all of our users (~250)
and groups (~85) with IPA commands (ipa user-add etc.). To move
passwords I configured the ipa-server to run in migration mode and did
an
On (10/03/14 13:55), Jitse Klomp wrote:
Hello all,
I'm migrating our OpenLDAP-based IdM-system to IPA. Instead of using
migrate-ds I used some custom scripts to import all of our users (~250)
and groups (~85) with IPA commands (ipa user-add etc.). To move
passwords I configured the ipa-server to
On 10-03-14 14:35, Lukas Slebodnik wrote:
On (10/03/14 13:55), Jitse Klomp wrote:
Hello all,
I'm migrating our OpenLDAP-based IdM-system to IPA. Instead of using
migrate-ds I used some custom scripts to import all of our users (~250)
and groups (~85) with IPA commands (ipa user-add etc.). To
Thanks for the response Martin. The DNS info is configured the same as it
is on other clients. I did run the install in debug mode and failed at...
Starting nscd: [ OK ]
root: DEBUGstderr=
root: DEBUGargs=/sbin/chkconfig nscd
On 10-03-14 14:59, Jitse Klomp wrote:
On 10-03-14 14:35, Lukas Slebodnik wrote:
On (10/03/14 13:55), Jitse Klomp wrote:
Hello all,
I'm migrating our OpenLDAP-based IdM-system to IPA. Instead of using
migrate-ds I used some custom scripts to import all of our users (~250)
and groups (~85)
This service should be needed at all in default installation, did you maybe try
to run ipa-client-install with --no-sssd option and do not have nss-pam-ldapd
package installed?
Martin
On 03/10/2014 03:11 PM, rashard.ke...@sita.aero wrote:
Thanks for the response Martin. The DNS info is
On Sat, 2014-03-08 at 18:53 -0500, Dmitri Pal wrote:
On 03/08/2014 04:36 PM, Trey Dockendorf wrote:
I got a RHEL7-beta VM up and running with basic ipa install (no DNS and no
NTP).
IPA is 3.3.3-5.el7
SSSD is 1.11.2-1.el7
krb5 is 1.11.3-31.el7
Based on the docs at
Hi,
On 6.3.2014 05:42, Robert Story wrote:
Hi,
I'm trying to install on CentOS 6.5 (ipa-server-3.0.0-37.el6.x86_64) and an
external CA. I'm getting this error:
Command '/usr/bin/sslget -v -n ipa-ca-agent -p -d /tmp/tmp-jNYt3P -r
/ca/agent/ca/profileReview?requestId=6 auth.lan:9443'
On Mon, Mar 10, 2014 at 03:19:28PM +0100, Jitse Klomp wrote:
On 10-03-14 14:59, Jitse Klomp wrote:
On 10-03-14 14:35, Lukas Slebodnik wrote:
On (10/03/14 13:55), Jitse Klomp wrote:
Hello all,
I'm migrating our OpenLDAP-based IdM-system to IPA. Instead of using
migrate-ds I used some
On (10/03/14 15:19), Jitse Klomp wrote:
On 10-03-14 14:59, Jitse Klomp wrote:
On 10-03-14 14:35, Lukas Slebodnik wrote:
On (10/03/14 13:55), Jitse Klomp wrote:
Hello all,
I'm migrating our OpenLDAP-based IdM-system to IPA. Instead of using
migrate-ds I used some custom scripts to import all of
Selon Petr Spacek pspa...@redhat.com:
On 7.3.2014 16:57, Dmitri Pal wrote:
On 03/07/2014 10:29 AM, artj...@free.fr wrote:
Selon Petr Spacekpspa...@redhat.com:
On 7.3.2014 14:16,artj...@free.fr wrote:
I want to install ipa server with a replica. The replica has 2
NICs
: the
On 10-03-14 16:10, Lukas Slebodnik wrote:
On (10/03/14 15:19), Jitse Klomp wrote:
On 10-03-14 14:59, Jitse Klomp wrote:
On 10-03-14 14:35, Lukas Slebodnik wrote:
On (10/03/14 13:55), Jitse Klomp wrote:
Hello all,
I'm migrating our OpenLDAP-based IdM-system to IPA. Instead of using
On (10/03/14 16:35), Jitse Klomp wrote:
On 10-03-14 16:10, Lukas Slebodnik wrote:
On (10/03/14 15:19), Jitse Klomp wrote:
On 10-03-14 14:59, Jitse Klomp wrote:
On 10-03-14 14:35, Lukas Slebodnik wrote:
On (10/03/14 13:55), Jitse Klomp wrote:
Hello all,
I'm migrating our OpenLDAP-based IdM-system
On (10/03/14 16:58), Lukas Slebodnik wrote:
On (10/03/14 16:35), Jitse Klomp wrote:
On 10-03-14 16:10, Lukas Slebodnik wrote:
On (10/03/14 15:19), Jitse Klomp wrote:
On 10-03-14 14:59, Jitse Klomp wrote:
On 10-03-14 14:35, Lukas Slebodnik wrote:
On (10/03/14 13:55), Jitse Klomp wrote:
Hello all,
On 10-03-14 17:03, Lukas Slebodnik wrote:
On (10/03/14 16:58), Lukas Slebodnik wrote:
On (10/03/14 16:35), Jitse Klomp wrote:
On 10-03-14 16:10, Lukas Slebodnik wrote:
On (10/03/14 15:19), Jitse Klomp wrote:
On 10-03-14 14:59, Jitse Klomp wrote:
On 10-03-14 14:35, Lukas Slebodnik wrote:
On
Lukas Slebodnik wrote:
On (10/03/14 16:58), Lukas Slebodnik wrote:
On (10/03/14 16:35), Jitse Klomp wrote:
On 10-03-14 16:10, Lukas Slebodnik wrote:
On (10/03/14 15:19), Jitse Klomp wrote:
On 10-03-14 14:59, Jitse Klomp wrote:
On 10-03-14 14:35, Lukas Slebodnik wrote:
On (10/03/14 13:55),
On Mon, Mar 10, 2014 at 05:23:59PM +0100, Jitse Klomp wrote:
On 10-03-14 17:03, Lukas Slebodnik wrote:
On (10/03/14 16:58), Lukas Slebodnik wrote:
On (10/03/14 16:35), Jitse Klomp wrote:
On 10-03-14 16:10, Lukas Slebodnik wrote:
On (10/03/14 15:19), Jitse Klomp wrote:
On 10-03-14 14:59,
On 03/10/2014 10:32 AM, Nathaniel McCallum wrote:
On Sat, 2014-03-08 at 18:53 -0500, Dmitri Pal wrote:
On 03/08/2014 04:36 PM, Trey Dockendorf wrote:
I got a RHEL7-beta VM up and running with basic ipa install (no DNS and no NTP).
IPA is 3.3.3-5.el7
SSSD is 1.11.2-1.el7
krb5 is 1.11.3-31.el7
On Sun, 2014-03-09 at 01:28 +, Nordgren, Bryce L -FS wrote:
IPA supplements (or hopefully will supplement) AD in my environment. I
need to worry about colliding with UIDs in a directory I don't
control. IPA can't solve this problem for me. Neither can my current
LDAP solution. But machines
On 03/10/2014 11:16 AM, artj...@free.fr wrote:
Selon Petr Spacekpspa...@redhat.com:
On 7.3.2014 16:57, Dmitri Pal wrote:
On 03/07/2014 10:29 AM, artj...@free.fr wrote:
Selon Petr Spacekpspa...@redhat.com:
On 7.3.2014 14:16,artj...@free.fr wrote:
I want to install ipa server with a
On 10-03-14 18:57, Sumit Bose wrote:
On Mon, Mar 10, 2014 at 05:23:59PM +0100, Jitse Klomp wrote:
On 10-03-14 17:03, Lukas Slebodnik wrote:
On (10/03/14 16:58), Lukas Slebodnik wrote:
On (10/03/14 16:35), Jitse Klomp wrote:
On 10-03-14 16:10, Lukas Slebodnik wrote:
On (10/03/14 15:19),
Jitse Klomp wrote:
On 10-03-14 18:57, Sumit Bose wrote:
On Mon, Mar 10, 2014 at 05:23:59PM +0100, Jitse Klomp wrote:
On 10-03-14 17:03, Lukas Slebodnik wrote:
On (10/03/14 16:58), Lukas Slebodnik wrote:
On (10/03/14 16:35), Jitse Klomp wrote:
On 10-03-14 16:10, Lukas Slebodnik wrote:
On
On Mon, Mar 10, 2014 at 07:56:07PM +0100, Jitse Klomp wrote:
On 10-03-14 18:57, Sumit Bose wrote:
On Mon, Mar 10, 2014 at 05:23:59PM +0100, Jitse Klomp wrote:
On 10-03-14 17:03, Lukas Slebodnik wrote:
On (10/03/14 16:58), Lukas Slebodnik wrote:
On (10/03/14 16:35), Jitse Klomp wrote:
On
On Mon, 10 Mar 2014 15:44:01 +0100 Jan wrote:
JC On 6.3.2014 05:42, Robert Story wrote:
JC I'm trying to install on CentOS 6.5 (ipa-server-3.0.0-37.el6.x86_64)
JC and an external CA. I'm getting this error:
JC [snip]
JC Can you please run certutil -V on the issuer certificate
JC (CN=Certificate
On Mon, 2014-03-10 at 15:45 -0400, Robert Story wrote:
On Mon, 10 Mar 2014 15:44:01 +0100 Jan wrote:
JC On 6.3.2014 05:42, Robert Story wrote:
JC I'm trying to install on CentOS 6.5 (ipa-server-3.0.0-37.el6.x86_64)
JC and an external CA. I'm getting this error:
JC [snip]
JC Can you please
On 10-03-14 20:34, Sumit Bose wrote:
On Mon, Mar 10, 2014 at 07:56:07PM +0100, Jitse Klomp wrote:
On 10-03-14 18:57, Sumit Bose wrote:
On Mon, Mar 10, 2014 at 05:23:59PM +0100, Jitse Klomp wrote:
On 10-03-14 17:03, Lukas Slebodnik wrote:
On (10/03/14 16:58), Lukas Slebodnik wrote:
On
On (10/03/14 15:14), Rob Crittenden wrote:
Jitse Klomp wrote:
On 10-03-14 18:57, Sumit Bose wrote:
On Mon, Mar 10, 2014 at 05:23:59PM +0100, Jitse Klomp wrote:
On 10-03-14 17:03, Lukas Slebodnik wrote:
On (10/03/14 16:58), Lukas Slebodnik wrote:
On (10/03/14 16:35), Jitse Klomp wrote:
On 10-03-14
I'm jumping in kind of late, but I may have a way for you to eliminate your
current man in the middle password proxy.
On Mon, 2014-03-03 at 18:42 -0600, Trey Dockendorf wrote:
Is it possible with FreeIPA to use an external KDC or pass some
or all authentication to an external KDC? The
On (10/03/14 21:47), Lukas Slebodnik wrote:
On (10/03/14 15:14), Rob Crittenden wrote:
Jitse Klomp wrote:
On 10-03-14 18:57, Sumit Bose wrote:
On Mon, Mar 10, 2014 at 05:23:59PM +0100, Jitse Klomp wrote:
On 10-03-14 17:03, Lukas Slebodnik wrote:
On (10/03/14 16:58), Lukas Slebodnik wrote:
On
But let me say I am not at all against having thesis' that explore some of
these
theoretical questions, however one need to understand that the deliverable
may end up being something that cannot be implemented or that it would
require a long time to do so. As long as that is clear everything
On Mon, 2014-03-10 at 21:47 +0100, Lukas Slebodnik wrote:
Output of ldapsearch *after* logging in to CentOS for the first
time:
krbPasswordExpiration: 20140310183603Z
krbLastPwdChange: 20140310183603Z
Why is the password exporation the same as the last password change?
This
On 10-03-14 22:06, Sumit Bose wrote:
Thank you. Maybe there is a change in return codes between MIT Kerberos
1.10 (Centos 6) and 1.11 (F20, RHEL7). Can you try to run
KRB5_TRACE=/dev/stdout kinit unmigrated_u...@domain.nl
on the different platforms and paste the results? I would expect to see
On 03/10/2014 03:13 PM, Nathaniel McCallum wrote:
On Mon, 2014-03-10 at 14:50 -0400, Dmitri Pal wrote:
On 03/10/2014 10:32 AM, Nathaniel McCallum wrote:
On Sat, 2014-03-08 at 18:53 -0500, Dmitri Pal wrote:
On 03/08/2014 04:36 PM, Trey Dockendorf wrote:
I got a RHEL7-beta VM up and running
On 03/10/2014 05:09 PM, Nordgren, Bryce L -FS wrote:
I'm jumping in kind of late, but I may have a way for you to eliminate your
current man in the middle password proxy.
On Mon, 2014-03-03 at 18:42 -0600, Trey Dockendorf wrote:
Is it possible with FreeIPA to use an external KDC or pass some
In the default case IPA, will automatically allocate a non conflicting range
to
AD SIDs and pa SIDs to UIDs automatically. however if you want to use posix
Ids stored in AD then yes, you will have to take care manually to avoid
conflicts.
A perhaps doable, more applied thesis still
Hi all,
I'm in the process of testing IPA server for centralised
authentication of our linux hosts. We run CentOS 6.5 and it's all new so
we have no legacy issues.
In the lab I've set up an IPA server with the yum install and used a local
bind instance which all seems to be working
On 03/10/2014 07:34 PM, David Taylor wrote:
Hi all,
I'm in the process of testing IPA server for centralised
authentication of our linux hosts. We run CentOS 6.5 and it's all new so
we have no legacy issues.
In the lab I've set up an IPA server with the yum install and used a local
On Mon, 2014-03-10 at 23:06 +, Nordgren, Bryce L -FS wrote:
In the default case IPA, will automatically allocate a non conflicting
range to
AD SIDs and pa SIDs to UIDs automatically. however if you want to use posix
Ids stored in AD then yes, you will have to take care manually to
@Dmitri - Thank you for your reply, that is actually one of the documents
I read, however there seem to be some steps missing as with the
configuration elements in place sudo doesn't work
dtaylor is not allowed to run sudo on ipa-client. This incident will be
reported.
There is some note about
Ok here is the info that finally made it all work
https://www.redhat.com/archives/freeipa-users/2013-June/msg00064.html
I seem to have had all the elements in there already so I suspect it was a
statement order issue
Best regards
David Taylor
-Original Message-
From:
42 matches
Mail list logo