Re: [Freeipa-users] AD trust deployment without IPA authority over reverse lookup zone

On Tue, 2015-08-25 at 15:19 +0200, Petr Spacek wrote: On 1.8.2015 21:19, John Stein wrote: Hi, Thanks for the reply. Any Idea when will the GSSAPI-updating bug fix get to RHEL 7? You can watch the progress here: https://bugzilla.redhat.com/show_bug.cgi?id=1214827 Unfortunately

[Freeipa-users] firefox add-on corrupt

Hello I got ipa server and replica working for over a year. But now when I try to acces the web ui I have to login with user/password intead of kerberos ticket. If I go to http://ipaserver.bla.bla.bla/ipa/config/browserconfig.html and click on Install Kerberos Configuration Firefox extension it

Re: [Freeipa-users] bind-dynamicdb TKEY update

On 29.7.2015 06:30, Jorgen Lundman wrote: Hola! So with todays advisory: https://kb.isc.org/article/AA-01272 we finally get to test the procedure to patch and update here :) Are there any plans for the dynamic_db github to pull in the fix, or should I proceed with that step? For the

Re: [Freeipa-users] AD trust deployment without IPA authority over reverse lookup zone

On Tue, 25 Aug 2015, Simo Sorce wrote: On Tue, 2015-08-25 at 15:19 +0200, Petr Spacek wrote: On 1.8.2015 21:19, John Stein wrote: Hi, Thanks for the reply. Any Idea when will the GSSAPI-updating bug fix get to RHEL 7? You can watch the progress here:

Re: [Freeipa-users] AD trust deployment without IPA authority over reverse lookup zone

On 25.8.2015 16:08, Alexander Bokovoy wrote: On Tue, 25 Aug 2015, Simo Sorce wrote: On Tue, 2015-08-25 at 15:19 +0200, Petr Spacek wrote: On 1.8.2015 21:19, John Stein wrote: Hi, Thanks for the reply. Any Idea when will the GSSAPI-updating bug fix get to RHEL 7? You can watch the

Re: [Freeipa-users] FreeIPA user Home Directory Permission Issue

Hi Simo, We are usingsession optional *pam_oddjob_mkhomedir*.so umask=0077 *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in http://www.initd.in/ * *RHCE, VCE-CIA, RACKSPACE CLOUD U

Re: [Freeipa-users] FreeIPA user Home Directory Permission Issue

Hi Simo, We are usingsession optional *pam_oddjob_mkhomedir*.so umask=0077 and included in password-auth-ac and password-auth *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com yks0...@gmail.com | Web: www.initd.in

Re: [Freeipa-users] AD trust deployment without IPA authority over reverse lookup zone

On 1.8.2015 21:19, John Stein wrote: Hi, Thanks for the reply. Any Idea when will the GSSAPI-updating bug fix get to RHEL 7? You can watch the progress here: https://bugzilla.redhat.com/show_bug.cgi?id=1214827 Unfortunately fixing this bug will not be sufficient for your particular

[Freeipa-users] Trying to enroll clients on CentOS7 with '--' in the host name failing

We have a rather strange need to have '--' in some standard host names and when I use the CentOS7 ipa-client 4.1 I get the following error message. [root@pan-smk-pdev lib]# ipa-join -h craigs--ipa--client--test.pearsondev.com RPC failed at server. invalid 'hostname': invalid domain-name: only

Re: [Freeipa-users] Trying to enroll clients on CentOS7 with '--' in the host name failing

McNiel, Craig wrote: We have a rather strange need to have '--' in some standard host names and when I use the CentOS7 ipa-client 4.1 I get the following error message. [root@pan-smk-pdev lib]# ipa-join -h craigs--ipa--client--test.pearsondev.com http://craigs--ipa--client--test.pearsondev.com

Re: [Freeipa-users] FreeIPA user Home Directory Permission Issue

On Tue, 2015-08-25 at 15:30 +0530, Yogesh Sharma wrote: Hi Simo, We are usingsession optional *pam_oddjob_mkhomedir*.so umask=0077 and included in password-auth-ac and password-auth I guess you should read the pam_oddjob_mkhomedir manpage which will tell you that the way you