Dear All,
Centralized authentication is working fine and we have a requirement to
give privilege to users for configuring printer in their machines. For
local users, they will get the privilege by adding them to the local
printer group (lp or lpadmin group).
Is there any way to add the user to
What does
getent group ose-developers
getent group 88902
on the ipa client show? the client sssd nss and domain logs will log any
relevant errors.
Jatin
On 25/07/14 13:22, Mark Heslin wrote:
Happy Friday,
I'm getting this message on login to an IPA client and not sure why:
$ ssh -Y
Happy Friday,
I'm getting this message on login to an IPA client and not sure why:
$ ssh -Y -l *ose-dev1* rhc1.interop.example.com
ose-d...@rhc1.interop.example.com's password:
Last login: Thu Jul 24 19:46:46 2014 from rhc1.interop.example.com
Kickstarted on 2013-12-11
*id: cannot find n
> Note that fixed 389-ds-base is now available in Fedora 20 updates-testing
> repo:
>
> https://admin.fedoraproject.org/updates/FEDORA-2014-8709/389-ds-base-
> 1.3.2.20-1.fc20
>
> If you install that + switch cn=config's nsslapd-allow-hashed-passwords
> attribute to "on", you will be able to fini
On Thu, Jul 24, 2014 at 4:24 PM, Lukas Slebodnik
wrote:
> You needn't configure sssd with id_privider=ipa. You can use FreeIPA as
> LDAP
> server without kerberos.
>
That is very true. I may try sssd in nsswitch again by changing
id_provider=ldap.
>
> It can be a typo.
>
Very *very* true. :DS
On (24/07/14 15:45), Daniel Shown wrote:
>Yeah, that was the first one I tried. A bit more than I need, and it didn't
>work for me. Setting the make.conf flag did not do for me what this guide
By default, sssd is build with plain openldap libraries without
sasl support net/openldap24-client
You ne
Yeah, that was the first one I tried. A bit more than I need, and it didn't
work for me. Setting the make.conf flag did not do for me what this guide
suggests it should (even some of the ports are no longer available under
those names). Thanks, though. :DS
===
*Dan
James James wrote:
> OK. Maybe this should be precised in the documentation.
It's in the ipa-client-automount man page:
The default automount location is named default. To specify a different
one use the --location option.
I'm open to suggestions on clarifying this. Right now it is in the
DESCRI
On (24/07/14 13:57), Rob Crittenden wrote:
>Petr Spacek wrote:
>> On 24.7.2014 18:26, Chris Whittle wrote:
>>> Would CentOS7 work with FreeIPA 4?
>>
>> In theory - it could work. However you will have to build few new
>> packages, including 389 DS, Kerberos libs, Dogtag CA and bind-dyndb-ldap.
>>
On (23/07/14 16:37), Daniel Shown wrote:
>So, I'm trying to get a FreeBSD (because ZFS is more stable there than in
>Linux) file server configured to have access user accounts in FreeIPA for
>proper ownership/permissions. It seems like it should be pretty
>straightforward. I don't even need to upda
OK. Maybe this should be precised in the documentation.
By the way, thanks your help.
Best regards.
2014-07-24 15:22 GMT+02:00 Jakub Hrozek :
> On Thu, Jul 24, 2014 at 10:48:44AM +0200, James James wrote:
> > The problem is solved.
> >
> > I had to explicity provides the location in the ipa-cl
Petr Spacek wrote:
> On 24.7.2014 18:26, Chris Whittle wrote:
>> Would CentOS7 work with FreeIPA 4?
>
> In theory - it could work. However you will have to build few new
> packages, including 389 DS, Kerberos libs, Dogtag CA and bind-dyndb-ldap.
>
> I'm attaching SPEC file diff from 3.3.3 to 4.0.
On 24.7.2014 18:26, Chris Whittle wrote:
Would CentOS7 work with FreeIPA 4?
In theory - it could work. However you will have to build few new packages,
including 389 DS, Kerberos libs, Dogtag CA and bind-dyndb-ldap.
I'm attaching SPEC file diff from 3.3.3 to 4.0.0 so you can see what new
pa
One of our larger users was in a similar situation a few years ago and
ended up running Fedora until RHEL caught up and then migrating the servers.
I'm running it on F20 because it seemed like the dependencies would make
running it on CentOS 7 a pile of pain I didn't need. I do think "RHEL catchi
On 07/24/2014 09:16 AM, Choudhury, Suhail wrote:
Hi Rich,
The version of 389 installed is:
[root@recsds1 sch32]# rpm -q 389-ds-base
389-ds-base-1.2.11.15-33.el6_5.x86_64
Re-initializing didn't work, so I uninstalled and re-installed replicas.
Went through a few rounds of connecting/re-initial
Would CentOS7 work with FreeIPA 4?
On Thu, Jul 24, 2014 at 11:23 AM, Rob Crittenden
wrote:
> Chris Whittle wrote:
> > Is it possible, I've looked around and most everyone says the
> > dependancies are too much outside of what it has.
>
> Not without building a whole ton of your own packages. An
Chris Whittle wrote:
> Is it possible, I've looked around and most everyone says the
> dependancies are too much outside of what it has.
Not without building a whole ton of your own packages. And we're not
talking simple, little packages. These would be significant upgrades for
which you'd have to
Is it possible, I've looked around and most everyone says the dependancies
are too much outside of what it has.
I'm about to implement FreeIPA across the CO and would rather do the big
upgrade first and not after.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.
On Thu, 24 Jul 2014, Daniel Shown wrote:
No, I don't believe 3.0 on CentOS 6 (sorry I didn't share that detail) has
ipa-advise. Isn't it introduced in FreeIPA 4? I'm not necessarily opposed
to upgrading, but I'm a bit reticent about switching from a yum package to
a git pull (perhaps I'm just a
No, I don't believe 3.0 on CentOS 6 (sorry I didn't share that detail) has
ipa-advise. Isn't it introduced in FreeIPA 4? I'm not necessarily opposed
to upgrading, but I'm a bit reticent about switching from a yum package to
a git pull (perhaps I'm just a bit gun shy today). Is there anything I can
Hi Rich,
The version of 389 installed is:
[root@recsds1 sch32]# rpm -q 389-ds-base
389-ds-base-1.2.11.15-33.el6_5.x86_64
Re-initializing didn't work, so I uninstalled and re-installed replicas.
Went through a few rounds of connecting/re-initializing and replication is
finally happy.
Also had
On Thu, Jul 24, 2014 at 10:48:44AM +0200, James James wrote:
> The problem is solved.
>
> I had to explicity provides the location in the ipa-client-automount
> command like this :
>
> ipa-client-automount --server=ipa.lix.polytechnique.fr --location=server1 -U
Ah, yes, the default location for
The FreeIPA team is proud to announce bind-dyndb-ldap version 5.1.
It can be downloaded from https://fedorahosted.org/released/bind-dyndb-ldap/
The new version has also been built for Fedora 20+ and and is on its way to
updates-testing:
https://admin.fedoraproject.org/updates/bind-dyndb-ldap-5
On Mon, Jul 21, 2014 at 04:17:44PM +0200, Jan Pazdziora wrote:
>
> if you need a way to quickly run FreeIPA server on your machine while
> keeping the machine open to installation and configuration of other
> software which would otherwise clash with the FreeIPA server, you can
> try FreeIPA in a
lookup_read_map: lookup(sss): getautomntent_r: No such file or directory
Looks like libsss_autofs package is not installed? Do you have file
/usr/lib64/sssd/modules/libsss_autofs.so
installed?
O.
From: freeipa-users-boun...@redhat.com [freeipa-users-boun...
Hi James,
On Thu, 24 Jul 2014, James James wrote:
The files are in attachment.
Thanks for you help.
2014-07-24 9:41 GMT+02:00 Jakub Hrozek :
On Wed, Jul 23, 2014 at 11:45:28PM +0200, James James wrote:
HI guy, I've been struggling for a while tom make sssd works with
autofs . I have a freeipa
The problem is solved.
I had to explicity provides the location in the ipa-client-automount
command like this :
ipa-client-automount --server=ipa.lix.polytechnique.fr --location=server1 -U
Thanks again.
2014-07-24 10:22 GMT+02:00 James James :
> The files are in attachment.
>
> Thanks for yo
On 07/24/2014 02:30 AM, Fraser Tweedale wrote:
> On Wed, Jul 23, 2014 at 04:37:03PM -0500, Daniel Shown wrote:
>> So, I'm trying to get a FreeBSD (because ZFS is more stable there than in
>> Linux) file server configured to have access user accounts in FreeIPA for
>> proper ownership/permissions.
On 23.7.2014 18:01, Mark Heslin wrote:
Hi Alexander,
>SRV records need to be resolved first by your software and then resolved
>records used to perform lookups of the SRV entry content.
Ah, yes that explain it.
>If your clients don't know how to do that, you can use multiple A/
>recor
The files are in attachment.
Thanks for you help.
2014-07-24 9:41 GMT+02:00 Jakub Hrozek :
> On Wed, Jul 23, 2014 at 11:45:28PM +0200, James James wrote:
> > HI guy, I've been struggling for a while tom make sssd works with
> autofs .
> > I have a freeipa server that serves maps. When a client
On Wed, Jul 23, 2014 at 11:45:28PM +0200, James James wrote:
> HI guy, I've been struggling for a while tom make sssd works with autofs .
> I have a freeipa server that serves maps. When a client is enrolled and I
> make in a terminal
>
> root@host ~# ipa-client-automount -U
>
> everything is ok
31 matches
Mail list logo