Re: [Freeipa-users] Centos7, selinux, certmonger, and openldap

2014-08-04 Thread Martin Kosek
On 08/04/2014 07:06 PM, Nordgren, Bryce L -FS wrote: > >> Hmm, sorry for incomplete instructions then. I updated the instructions to >> cope with that situation better (details in >> https://fedorahosted.org/freeipa/ticket/4466#comment:2). Please feel free >> to report more findings or even better

Re: [Freeipa-users] RHEL 7 Upgrade experience so far

2014-08-04 Thread Erinn Looney-Triggs
On 08/04/2014 01:51 PM, Ade Lee wrote: > OK - I suspect you may be running into an issue with serial number > generation. Each time we install a clone, we end up allocating a > new range of serial numbers for the clone. > > The idea is to keep sep

Re: [Freeipa-users] attribute "dnaremotebindmethod" not allowed

2014-08-04 Thread Anthony Messina
On Friday, July 25, 2014 01:43:04 PM Anthony Messina wrote: > On Friday, July 25, 2014 11:00:05 AM Rich Megginson wrote: > > On 07/25/2014 10:43 AM, Anthony Messina wrote: > > On Friday, July 25, 2014 10:26:55 AM Rich Megginson wrote: > > On 07/25/2014 01:46 AM, Anthony Messina wrote: > > On Thursd

Re: [Freeipa-users] AD Trusts: Should tcp/389/636 be excluded or not?

2014-08-04 Thread Mark Heslin
On 08/04/2014 04:37 PM, Alexander Bokovoy wrote: On Mon, 04 Aug 2014, Mark Heslin wrote: Folks, Does anyone know the current disposition of $subject? The FreeIPA documentation: http://www.freeipa.org/page/Howto/IPAv3_AD_trust_setup#Firewall_configuration would seem to indicate this is no

Re: [Freeipa-users] RHEL 7 Upgrade experience so far

2014-08-04 Thread Erinn Looney-Triggs
On 08/04/2014 08:46 AM, Rob Crittenden wrote: > Erinn Looney-Triggs wrote: >> On 08/04/2014 04:01 AM, Martin Kosek wrote: >>> On 08/04/2014 04:45 AM, Erinn Looney-Triggs wrote: > Whether related or not I am getting the fol

Re: [Freeipa-users] AD Trusts: Should tcp/389/636 be excluded or not?

2014-08-04 Thread Alexander Bokovoy
On Mon, 04 Aug 2014, Mark Heslin wrote: Folks, Does anyone know the current disposition of $subject? The FreeIPA documentation: http://www.freeipa.org/page/Howto/IPAv3_AD_trust_setup#Firewall_configuration would seem to indicate this is no longer necessary. Is this "official" or should we b

[Freeipa-users] AD Trusts: Should tcp/389/636 be excluded or not?

2014-08-04 Thread Mark Heslin
Folks, Does anyone know the current disposition of $subject? The FreeIPA documentation: http://www.freeipa.org/page/Howto/IPAv3_AD_trust_setup#Firewall_configuration would seem to indicate this is no longer necessary. Is this "official" or should we block just the Win/AD server from these p

Re: [Freeipa-users] RHEL 7 Upgrade experience so far

2014-08-04 Thread Erinn Looney-Triggs
On 08/04/2014 11:48 AM, Ade Lee wrote: > OK - so it's not really even getting started on the install. My > guess is there is some cruft from previous installs/uninstalls that > was not cleaned up. Is there anything in the directory server logs > on

Re: [Freeipa-users] Centos7, selinux, certmonger, and openldap

2014-08-04 Thread Nordgren, Bryce L -FS
> Hmm, sorry for incomplete instructions then. I updated the instructions to > cope with that situation better (details in > https://fedorahosted.org/freeipa/ticket/4466#comment:2). Please feel free > to report more findings or even better help us enhance the page even > further :-) Hmm, I though

Re: [Freeipa-users] Possible to extract password of ldap

2014-08-04 Thread Rich Megginson
On 08/01/2014 12:23 AM, barry...@gmail.com wrote: Hi : Is it possible to read clear text of password of ipa users by admin ? No. I'm facing the issue of half rollout as half vol. of users changed password already. And if I deploy and reset all password then it may make issue for this h

Re: [Freeipa-users] RHEL 7 Upgrade experience so far

2014-08-04 Thread Rob Crittenden
Erinn Looney-Triggs wrote: > On 08/04/2014 04:01 AM, Martin Kosek wrote: >> On 08/04/2014 04:45 AM, Erinn Looney-Triggs wrote: >>> >>> >>> >>> Whether related or not I am getting the following in my RHEL 6.5 IPA instance /var/log/dirsrv/slapd-PKI-CA/debug log: >>> [26/Jul/2014:20:23:

Re: [Freeipa-users] RHEL 7 Upgrade experience so far

2014-08-04 Thread Erinn Looney-Triggs
On 08/04/2014 04:01 AM, Martin Kosek wrote: > On 08/04/2014 04:45 AM, Erinn Looney-Triggs wrote: >> >> >> >> >>> Whether related or not I am getting the following in my RHEL >>> 6.5 IPA instance /var/log/dirsrv/slapd-PKI-CA/debug log: >> >>> [26

Re: [Freeipa-users] RHEL 7 Upgrade experience so far

2014-08-04 Thread Erinn Looney-Triggs
On 08/04/2014 06:36 AM, Ade Lee wrote: >> >> Well here is probably the pertinent part of the debug log, >> though there is a lot more when the clone is setting up: >> [31/Jul/2014:13:23:53][TP-Processor3]: AuthMgrName: >> certUserDBAuthMgr [31/Jul/

Re: [Freeipa-users] RHEL 7 Upgrade experience so far

2014-08-04 Thread Ade Lee
On Thu, 2014-07-31 at 06:27 -0700, Erinn Looney-Triggs wrote: > On 07/30/2014 02:31 PM, Ade Lee wrote: > > On Tue, 2014-07-29 at 17:49 -0700, Erinn Looney-Triggs wrote: > > >> > Ok, well I tried deleting it using certutil it deletes both, > I tried using keytool to see if it would

Re: [Freeipa-users] Centos7, selinux, certmonger, and openldap

2014-08-04 Thread Martin Kosek
On 08/04/2014 01:36 AM, Nordgren, Bryce L -FS wrote: > Spoke too soon. I needed the following "extra" selinux policy module to make > all the AVCs go away. > > BTW: the instructions on http://www.freeipa.org/page/PKI really only work if > you leave the password blank when you create a new databa

Re: [Freeipa-users] RHEL 7 Upgrade experience so far

2014-08-04 Thread Martin Kosek
On 08/04/2014 04:45 AM, Erinn Looney-Triggs wrote: > > > > >> Whether related or not I am getting the following in my RHEL 6.5 >> IPA instance /var/log/dirsrv/slapd-PKI-CA/debug log: > >> [26/Jul/2014:20:23:23 +] slapi_ldap_bind - Error: could not >> send startTLS re quest: error -1 (Can't

Re: [Freeipa-users] IPA Replica does not start Bind but runs Manually

2014-08-04 Thread Martin Kosek
On 08/04/2014 09:40 AM, Matt . wrote: > Hi, > > Yes I did in the past. The DNS tabs are there and named is installed. You probably installed DNS service on another FreeIPA server. However, there is a configuration space telling which server has which services configured. It seems that it does not

Re: [Freeipa-users] Users not inheriting groups

2014-08-04 Thread Jakub Hrozek
On Mon, Aug 04, 2014 at 09:18:11AM +0200, Jakub Hrozek wrote: > On Fri, Aug 01, 2014 at 10:58:14AM -0700, William Graboyes wrote: > > -BEGIN PGP SIGNED MESSAGE- > > Hash: SHA512 > > > > Thanks for your help, > > > > The group memberships are propagated properly on the server side: > > >

Re: [Freeipa-users] IPA Replica does not start Bind but runs Manually

2014-08-04 Thread Matt .
Hi, Yes I did in the past. The DNS tabs are there and named is installed. Can I run that "over" without any issue ? In any other case I just can reinstall the ipa software on the replica and create a new setup for it... Cheers, Matt 2014-08-04 1:52 GMT+02:00 Simo Sorce : > On Sun, 2014-08-03

Re: [Freeipa-users] Users not inheriting groups

2014-08-04 Thread Jakub Hrozek
On Fri, Aug 01, 2014 at 10:58:14AM -0700, William Graboyes wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > Thanks for your help, > > The group memberships are propagated properly on the server side: > > dn: uid=user,cn=users,cn=accounts,dc=cenic,dc=org > uid: user > givennam