On 04/14/2015 03:51 AM, Brian Topping wrote:
On Apr 13, 2015, at 1:33 PM, Martin Kosek mko...@redhat.com wrote:
On 04/12/2015 05:27 AM, Brian Topping wrote:
Hi all, trying to figure out if I may have contaminated my ACIs in the
process of upgrading my replicated deployment. I didn't
You do not need to uninstall the 4 server, you just need to install the CA
component on it:
# ipa-ca-install /path/to/replica.file
... and make it CRL/renewal master. See step 8 and later in
On 13.4.2015 16:07, Janne Blomqvist wrote:
On 2015-04-10 12:05, Petr Spacek wrote:
On 10.4.2015 10:52, Janne Blomqvist wrote:
On 2015-04-07 14:29, Martin Kosek wrote:
On 04/05/2015 08:03 PM, Dmitri Pal wrote:
On 04/05/2015 12:51 PM, Janelle wrote:
Hello,
Trying to find a way on a
Thanks. Yes, the feature would be pretty useful. Do you have any thoughts
on the documentation blurb mentioned a couple of mails ago ( Use a remote
user ...) ? The local root on the IPA server can be mapped to a
particular user on the NFS server. That bit sounds straightforward. The
other parts
Getting FreeIPA Synology DSM5 working together is something I'm interested in
doing as well.
I'm happy to proof read as well
On 14 Apr 2015, at 09:55, Martin Kosek mko...@redhat.com wrote:
We will get someone review the chapter again, to remove the uncertainty. Would
you then be willing
On Tue, 14 Apr 2015, Martin Kosek wrote:
On 04/13/2015 05:37 PM, Alexander Bokovoy wrote:
On Mon, 13 Apr 2015, Gould, Joshua wrote:
I’ve looked at the docs and it looks as if I can specify an external
user who can have sudo rights via IPA.
On 04/14/2015 11:04 AM, Iain Bell wrote:
Getting FreeIPA Synology DSM5 working together is something I'm interested in
doing as well.
Just to make sure we are on the same page - someone would proof read the
problematic chapter in Red Hat docs:
We have the option to deploy our production IPA environment on either
x86_64/VMWare or IBM Power. The RHEL7 IDM doc states that only x86_64 is
supported.
Hey Rob,
It couldn't find the group when I did your command. I replaced show with find
and was able to find the dn number.
I can use the ldapdelete command to delete the entry right?
Thanks,
Matt
-Original Message-
From: Rob Crittenden [mailto:rcrit...@redhat.com]
Sent: Tuesday,
Joseph, Matthew (EXP) wrote:
Hey Rob,
So I did the following command;
Ldapdelete -D cn=Directory Manager -h server_name -p 389
cn=group_name,cn=groups,cn=accounts,dc=domain,dc=ca and it comes back with
the following;
Ldap_delete: No such object
I also tried replacing the group_name
David Dejaeghere wrote:
Hi Rob,
So you want to output of the command using pk12 with server cert and
key? or with the ca chain in there too?
Oddly enough it is failing in exactly the same place. Those GoDaddy CA
certs are still being loaded from somewhere, I'm not sure where, and I
suspect
Hey Rob,
So I did the following command;
Ldapdelete -D cn=Directory Manager -h server_name -p 389
cn=group_name,cn=groups,cn=accounts,dc=domain,dc=ca and it comes back with
the following;
Ldap_delete: No such object
I also tried replacing the group_name with the nsuniqueid and still the same
I tried to do the following command;
Ldapdelete -D cn=Directory Manager -h server_name -p 389
cn=nsuniqueid_random_set_of_numbers,cn=groups,cn=accounts,dc=domain,dc=ca
And I get the ldap_delete: no such object
Matt
-Original Message-
From: Rob Crittenden [mailto:rcrit...@redhat.com]
Hello
I mean I have a Problem with the ipa-getcert script.
system CentOS 7 (1503) and IPA 4.1.x
can any help or declare my mistake or is this a IPA Problem
I do a
kinit admin
ipa-getcert request -d /etc/pki/nssdb -n Server-Cert -K HOST/xxx.4gjn.prv -N
'CN=xxx.4gjn.prv,O=$4GJN.PRV'
and have
On 04/14/2015 05:36 PM, Mateusz Malek wrote:
On Fri, Apr 10, 2015 at 08:48 PM, Jakub Hrozek wrote:
On Fri, Apr 10, 2015 at 12:39:20PM -0400, Dmitri Pal wrote:
On 04/10/2015 08:13 AM, Mateusz Malek wrote:
I'm about to migrate my OpenLDAP-based environment to FreeIPA, however
I've hit some
Joseph, Matthew (EXP) wrote:
Hello,
Im trying to delete a group in IdM but when I do a ipa group-del
group it states the following;
Ipa: ERROR: group: group not found
I do an ipa group-find and it displays the group with the current memebers.
I look in the WebgUI
On Fri, Apr 10, 2015 at 08:48 PM, Jakub Hrozek wrote:
On Fri, Apr 10, 2015 at 12:39:20PM -0400, Dmitri Pal wrote:
On 04/10/2015 08:13 AM, Mateusz Malek wrote:
I'm about to migrate my OpenLDAP-based environment to FreeIPA, however
I've hit some weird performance problems. When I'm using IPA,
On Tue, 14 Apr 2015, g.fer.or...@unicyber.co.uk wrote:
Hi
Dealing with AD -- Cert Trust I am reaching the following step:
ipa trust-add ad.company.com --admin user --password
Active Directory domain administrator's password:
ipa: ERROR: AD DC was unable to reach any IPA domain controller.
Hi,
Dne 14.4.2015 v 19:47 Rob Crittenden napsal(a):
David Dejaeghere wrote:
Hi Rob,
So you want to output of the command using pk12 with server cert and
key? or with the ca chain in there too?
Oddly enough it is failing in exactly the same place. Those GoDaddy CA
certs are still being
Joseph, Matthew (EXP) wrote:
I tried to do the following command;
Ldapdelete -D cn=Directory Manager -h server_name -p 389
cn=nsuniqueid_random_set_of_numbers,cn=groups,cn=accounts,dc=domain,dc=ca
And I get the ldap_delete: no such object
Maybe this will help:
On 04/13/2015 10:41 PM, Thomas Lau wrote:
Hi,
It's an in-house program which runs on one kerberos user.
You need to look what this program is doing.
I suspect it is doing some sort of kinit itself and does not rely on the
PAM stack, i.e it bypasses SSSD in the given scenario.
Can this be the
On 04/14/2015 12:35 PM, thierry bordaz wrote:
On 04/14/2015 05:36 PM, Mateusz Malek wrote:
On Fri, Apr 10, 2015 at 08:48 PM, Jakub Hrozek wrote:
On Fri, Apr 10, 2015 at 12:39:20PM -0400, Dmitri Pal wrote:
On 04/10/2015 08:13 AM, Mateusz Malek wrote:
I'm about to migrate my OpenLDAP-based
Hi
Dealing with AD -- Cert Trust I am reaching the following step:
ipa trust-add ad.company.com --admin user --password
Active Directory domain administrator's password:
ipa: ERROR: AD DC was unable to reach any IPA domain controller. Most
likely it is a DNS or firewall issue
Reaching
Thanks that actually helped. I have the CA moved and the old server
decommissioned now. Thanks.
Regards,
--
Aric Wilisch
awili...@gmail.com
On Apr 14, 2015, at 3:07 AM, Martin Kosek mko...@redhat.com wrote:
You do not need to uninstall the 4
On Tue, Apr 14, 2015 at 08:18:38PM +0200, Günther J. Niederwimmer wrote:
Hello
I mean I have a Problem with the ipa-getcert script.
system CentOS 7 (1503) and IPA 4.1.x
can any help or declare my mistake or is this a IPA Problem
I do a
kinit admin
ipa-getcert request -d
25 matches
Mail list logo