hi,
This might save some time to someone, so let me post it to the list.
TLDR, when using php to connect to an AD ldaps host using ADCS from IPA
joined hosts modify /etc/openldap/ldap.conf or $HOME/.ldaprc and change the
TLS_CACERT environment variable to
TLS_CACERT
On 12.9.2014 10:57, Renier Gertzen wrote:
Hi
Before starting IPA install i did yum -y intstall bind*. I think that did it.
Regards,
On Fri, 2014-09-12 at 10:43 +0200, Petr Spacek wrote:
Hello!
On 12.9.2014 09:39, Renier Gertzen wrote:
Issue resolved in the following manner
I saved
Hello,
On Thu, 11 Sep 2014 16:12:40 +0200
Jakub Hrozek jhro...@redhat.com wrote:
On Wed, Sep 10, 2014 at 09:58:27PM +, Trevor T Kates (Services -
6) wrote:
Hi all:
I'm using FreeIPA 3.0 under CentOS 6.5 and I'm trying to solve a
bit of a quirky problem. From what I've read thus
hi,
Centos 6.5.
I want to create a certificate request for our mysql servers. I came up
with this command line:
$ sudo /usr/bin/ipa-getcert request -r -f /etc/pki/tls/certs/`hostname
--fqdn`-mysql.crt -k /etc/pki/tls/private/`hostname --fqdn`-mysql.key -D
`dnsdomainname` -U id-kp-serverAuth -K
Hi all,
I wonder if anyone has any advice. We changed password policy to 2 days a
few weeks ago.
Over the weekend, passwords expired and now we cannot login. All admin accounts
are essentially unusable.
Seems to be this issue: https://fedorahosted.org/freeipa/ticket/3312
Any ideas how to
FYI, for any Fedora testers out there, we have updated to 4.0.3 in
Fedora 21 in part because it substantially reduces the size of the
install media for the upcoming Alpha release. If you'd like to test and
provide feedback on the packages, the link is here:
On 09/12/2014 09:19 PM, Dmitri Pal wrote:
On 09/12/2014 02:43 PM, Michael Lasevich wrote:
That is awesome, but I am clearly missing some insight as to how this is
supposed to work. Can you point me to some more specific info on how to
accomplish this.
I tried using the ipa-getcert request
On 09/15/2014 03:31 PM, Natxo Asenjo wrote:
hi,
Centos 6.5.
I want to create a certificate request for our mysql servers. I came up
with this command line:
$ sudo /usr/bin/ipa-getcert request -r -f /etc/pki/tls/certs/`hostname
--fqdn`-mysql.crt -k /etc/pki/tls/private/`hostname
Natxo Asenjo wrote:
hi,
Centos 6.5.
I want to create a certificate request for our mysql servers. I came up
with this command line:
$ sudo /usr/bin/ipa-getcert request -r -f /etc/pki/tls/certs/`hostname
--fqdn`-mysql.crt -k /etc/pki/tls/private/`hostname --fqdn`-mysql.key -D
`dnsdomainname`
Hello,
I've got a webserver whose default export is on a kerberized nfs4 export.
The export works fine for regular ipa users
However the apache user is not allowed to read anything from the export.
What would be the best practice to allow the apache user access to the nfs4
export without
On 09/15/2014 04:45 PM, Nathaniel McCallum wrote:
FYI, for any Fedora testers out there, we have updated to 4.0.3 in
Fedora 21 in part because it substantially reduces the size of the
install media for the upcoming Alpha release. If you'd like to test and
provide feedback on the packages, the
Sorry, second ticket should have been
https://fedorahosted.org/freeipa/ticket/3312
On 09/15/2014 05:36 PM, Tomas Babej wrote:
Just for the record, this should be fixed since FreeIPA 3.2:
https://fedorahosted.org/freeipa/ticket/3114
https://fedorahosted.org/freeipa/ticket/3114
On 09/15/2014
On Mon, 2014-09-15 at 17:26 +0200, Petr Viktorin wrote:
On 09/15/2014 04:45 PM, Nathaniel McCallum wrote:
FYI, for any Fedora testers out there, we have updated to 4.0.3 in
Fedora 21 in part because it substantially reduces the size of the
install media for the upcoming Alpha release. If
On Mon, Sep 15, 2014 at 5:03 PM, Rob Crittenden rcrit...@redhat.com wrote:
Natxo Asenjo wrote:
hi,
Centos 6.5.
I want to create a certificate request for our mysql servers. I came up
with this command line:
$ sudo /usr/bin/ipa-getcert request -r -f /etc/pki/tls/certs/`hostname
Martin, this was extremely helpful. I got it to work manually, now all I
need to do is automate the process :-)
The only thing missing from this is that I needed to do ipa host-add
san.host.example.test before your other ipa service-add commands . You
mentioned it, but not shown the command, so
Hi Rob,
How does the NFS server map the apache user to “something” it recognizes? I
would suggest that the easiest solution may be to use an IPA account called
“apache”, so that the mappings would just work, but currently I’m having
trouble running a service as a domain user via systemd.
Hello all !
I have deployed test environment for AD trust feature, the environment
contains :
Windows Server 2008 - AD Server.
RHEL 7 - IPA 3.3 Server.
RHEL 6.2 - IPA Client.
I have established the trust as IPA in the sub domain of AD.
AD DNS domain - blue.com
IPA DNS domain - linux.blue.com
On Monday, September 15, 2014 06:10:13 PM Nordgren, Bryce L -FS wrote:
How does the NFS server map the apache user to “something” it recognizes? I
would suggest that the easiest solution may be to use an IPA account called
“apache”, so that the mappings would just work, but currently I’m having
18 matches
Mail list logo