On 07/30/2014 07:16 PM, Robert Walker wrote:
Hi,
I've got 2 IPA servers running in a relationship. One is ok as far as
logging into the webui and the other will only let me kinit admin on the
console of the server. When I try to login into the webui Your session has
expired. Please
On 07/31/2014 07:49 AM, Matt Bryant wrote:
All,
Got an issue with an IPA replica in that the certs in /etc/httpd/alias
/etc/dirsrv/slapd-IPA-REALM have expired.
I assume that this replica does not have a CA and we are only dealing with
service HTTPD and DIRSRV service certificates.
Have
Hi,
Thanks for the reply, unfortunately I can not find the package on
Scientific Linux, is there a workaround?
Thanks.
Luca Tartarini
2014-07-30 15:00 GMT+02:00 Simo Sorce sso...@redhat.com:
On Tue, 2014-07-29 at 15:58 +0200, Martin Kosek wrote:
On 07/29/2014 03:47 PM, Luca Tartarini
Without this package for your platform, you cannot move further. So you would
either need to switch to some platform that has this package available (RHEL,
CentOS, Fedora) or take the source bits and build it for your platform
yourselves.
Maybe you would get lucky with rebuilding the source RPM
(Adding back the users list as this may be interesting for everyone)
Ok, the steps suggested below should help. If the DS does not want to start at
all because of the expired certificate, you can also edit
/etc/dirsrv/slapd-YOUR-REALM/dse.ldif and edit it manually (only when dirsrv
service is
On Thu, 2014-07-31 at 09:53 +0200, Luca Tartarini wrote:
Hi,
Thanks for the reply, unfortunately I can not find the package on
Scientific Linux, is there a workaround?
I saw from the lasso mailing list that you built the lasso package
yourself, make sure you built the python bindings, they
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 07/30/2014 02:31 PM, Ade Lee wrote:
On Tue, 2014-07-29 at 17:49 -0700, Erinn Looney-Triggs wrote:
Ok, well I tried deleting it using certutil it deletes both,
I tried using keytool to see if it would work any better, no
dice there. I'll
So if I understand this right, you're planning on two back to back user
migrations? First is local-FreeIPA, then eventually FreeIPA-AD? Are your
current local users coincidentally the same as your current AD users?
Well - I will likely try to skip the Local - FreeIPA and just go directly to
Baird, Josh wrote:
So if I understand this right, you're planning on two back to back user
migrations? First is local-FreeIPA, then eventually FreeIPA-AD? Are your
current local users coincidentally the same as your current AD users?
Well - I will likely try to skip the Local - FreeIPA and
I wouldn't recommend duplicating your users, pick one and use that. If you
want to be able to manage your users, groups, HBAC, sudo, etc.
centrally then you'll want the users in IPA. But if you leave them locally you
may end up with corner case problems.
If you *do* end up adding your
Well, the users are definitely going to be in IPA (or AD via IPA). However,
they *will* exist in both IPA and locally during the migration period. If
they
have the same UID/GIDs in both places (local and IPA), then I will need to
prefer IPA to 'files' in nsswitch.conf. The main reason I
On Thu, Jul 31, 2014 at 03:23:50PM +, Nordgren, Bryce L -FS wrote:
Well, the users are definitely going to be in IPA (or AD via IPA). However,
they *will* exist in both IPA and locally during the migration period. If
they
have the same UID/GIDs in both places (local and IPA), then
Hi
I am currently deploying CentOS and FreeIPA and i am looking for some
recommendation on chef cookbooks. I have googled around but haven't found
anything that is current. I found a git repo from Sean OMeara but last
contribution was 3 years ago.
If anyone can point me in the right direction i
On Thu, Jul 31, 2014 at 11:55 AM, Ash Alam a...@paperlesspost.com wrote:
Hi
I am currently deploying CentOS and FreeIPA and i am looking for some
recommendation on chef cookbooks. I have googled around but haven't found
anything that is current. I found a git repo from Sean OMeara but last
Hi,
Sorry for delay - paternity leave took me away from work rather
abruptly.
Do you still want RFE's written up for these?
My brain might have been fried when I thought about this, but is there
any mileage in creating an elasticsearch (or similar) database of the
useful fields and using that
Hi,
I must be missing something obvious in getting memberof plugin to work..
Any ideas?
Thanks in advance...
~K
--
./fixup-memberof.pl -D 'cn=Directory Manager' -b
'dc=red,dc=lemon,dc=com' -w - -v
ldap_initialize( ldap://localhost:7389 )
add objectclass:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi List,
I am running into some odd issues with IPA and users not inheriting
all groups they are a member of.
I spent a lot of time nesting groups so that when we add a user all of
the groups they need with one group setting (a boon for
17 matches
Mail list logo