Re: [Freeipa-users] ipa-client-install not creating reverse DNS entries

On Fri, 2015-09-11 at 10:25 -0700, nat...@nathanpeters.com wrote: > I have been trying to figure this out for a while now but when I join > machine to FreeIPA, the installer properly creates forward DNS > entries,and DNSSSHFP entries, but does not create reverse entries. > Without the PTR

[Freeipa-users] ipa-client-install not creating reverse DNS entries

I have been trying to figure this out for a while now but when I join a machine to FreeIPA, the installer properly creates forward DNS entries, and DNSSSHFP entries, but does not create reverse entries. Without the PTR records, kerberos logins are always failing on these machines. The reverse

[Freeipa-users] [work-around] sss_ssh_knownhostsproxy problem with sparkleshare due to setlocale()

Hi, I kind of fixed my problem, but I share it there in case it can help others. I had problems with sparkleshare on my freeIPA-enrolled workstation, e.g. I got error messages like this: 19:04:52 | Cmd | QB_resources | git ls-remote --heads --exit-code

[Freeipa-users] New Host and IP Address

Hello, System CentOs 7 FreeIPA 4.1, I like to add a new Host with a Service like imap/imap.example.com The imap.example.com exist in the zone file with a CNAME Record. I can't found the correct Doc for my Problem ;-) the second Problem is, is it possible to add a IPv6 Address to the Host and

Re: [Freeipa-users] [work-around] sss_ssh_knownhostsproxy problem with sparkleshare due to setlocale()

On Fri, 11 Sep 2015, Karl Forner wrote: Hi, I kind of fixed my problem, but I share it there in case it can help others. I had problems with sparkleshare on my freeIPA-enrolled workstation, e.g. I got error messages like this: 19:04:52 | Cmd | QB_resources | git ls-remote --heads --exit-code

Re: [Freeipa-users] New Host and IP Address

On Fri, 11 Sep 2015, Günther J. Niederwimmer wrote: Hello, System CentOs 7 FreeIPA 4.1, I like to add a new Host with a Service like imap/imap.example.com The imap.example.com exist in the zone file with a CNAME Record. I can't found the correct Doc for my Problem ;-) ipa help host ipa help

Re: [Freeipa-users] [work-around] sss_ssh_knownhostsproxy problem with sparkleshare due to setlocale()

done: Ticket #2785 On Fri, Sep 11, 2015 at 10:17 AM, Alexander Bokovoy wrote: > On Fri, 11 Sep 2015, Karl Forner wrote: > >> Hi, >> >> I kind of fixed my problem, but I share it there in case it can help >> others. >> >> I had

Re: [Freeipa-users] Using SSH from Active Directory machines for FreeIPA clients with kerberos tickets

On Fri, 11 Sep 2015, Morgan Marodin wrote: Hi everyone. I've seen these guides: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/trust-ssh.html https://docs.fedoraproject.org/en-US/Fedora/18/html/FreeIPA_Guide/trust-ssh.html

Re: [Freeipa-users] AD Trust Issues

On Fri, 11 Sep 2015, Matt Wells wrote: I've been working on an AD trust with our freeipa servers but have run into some of the same issues others have had. It's well documented here however I feel I've mitigated these - https://bugzilla.redhat.com/show_bug.cgi?id=1219832 Freeipa Servers are

Re: [Freeipa-users] ntpd frequency error xxx PPM exceeds tolerance 500 PPM

Has this got anything to do with ipa ? The messages started only recently, which makes me think that it's not a hardware issue. There were only two notable changes to this system recently. The hdd had to be replaced, and a replica was set up. Could either have any part to play ? On Thu, Sep 10,

[Freeipa-users] Search 'hosts'

ipa-server-4.1.0-18.el7_1.4.x86_64 Maybe I was spoiled but from the web ui, I can't seem to search for hosts or DNS names - all searches seem to return nothing at all User searches work (thankfully) Previous version 3.0.0 from RHEL6 I could just put in ipa and get the hosts listed that had

[Freeipa-users] vsftpd PAM setup problem

Hi All, I am using RHEL 7 with ipa server and vsftpd - no modifications to installed packages whatsoever. Local users (listed in /etc/passwd) can login using ftp client but ipa defined users get login denied. Here is the snippet from /var/log/audit/audit.log type=USER_AUTH

Re: [Freeipa-users] ipa-client-install not creating reverse DNS entries

On 9/11/2015 10:32 AM, Simo Sorce wrote: On Fri, 2015-09-11 at 10:25 -0700, nat...@nathanpeters.com wrote: I have been trying to figure this out for a while now but when I join machine to FreeIPA, the installer properly creates forward DNS entries,and DNSSSHFP entries, but does not create

Re: [Freeipa-users] Migrating from iDM/FreeIPA RHEL 6.5 to 7.1 - CA Server Master

-Original Message- From: Martin Kosek [mailto:mko...@redhat.com] Sent: Friday, September 11, 2015 8:46 AM To: Rob Crittenden; Craig White; freeipa-users@redhat.com; Jan Cholasta; Jan Cholasta Subject: Re: [Freeipa-users] Migrating from iDM/FreeIPA RHEL 6.5 to 7.1 - CA Server Master On

Re: [Freeipa-users] Logging?

On Thu, Sep 10, 2015 at 08:05:16AM -0700, Janelle wrote: > On 9/10/15 7:55 AM, Martin Kosek wrote: > >On 09/09/2015 09:50 PM, Janelle wrote: > >>Hello, > >> > >>I was wondering if anyone has played with thee extended logging of IPA and > >>specifically SSSD and the kibana dashboards they put

Re: [Freeipa-users] Sudo entry not found by sssd in the cache db

On 09/09/2015 09:31 PM, Molnár Domokos wrote: I have a working IPA server and a working client config on an OpenSuse 13.2 with the following versions: nappali:~ # rpm -qa |grep sssd sssd-tools-1.12.2-3.4.1.i586 sssd-krb5-1.12.2-3.4.1.i586 python-sssd-config-1.12.2-3.4.1.i586

Re: [Freeipa-users] Sudo entry not found by sssd in the cache db

"Pavel Březina" írta: >On 09/09/2015 09:31 PM, Molnár Domokos wrote: >> I have a working IPA server and a working client config on an OpenSuse >> 13.2 with the following versions: >> nappali:~ # rpm -qa |grep sssd >> sssd-tools-1.12.2-3.4.1.i586 >>

Re: [Freeipa-users] Logging?

On 9/11/15 3:25 AM, Jakub Hrozek wrote: On Thu, Sep 10, 2015 at 08:05:16AM -0700, Janelle wrote: On 9/10/15 7:55 AM, Martin Kosek wrote: On 09/09/2015 09:50 PM, Janelle wrote: Hello, I was wondering if anyone has played with thee extended logging of IPA and specifically SSSD and the kibana

Re: [Freeipa-users] Migrating from iDM/FreeIPA RHEL 6.5 to 7.1 - CA Server Master

On 09/11/2015 03:29 PM, Rob Crittenden wrote: > Craig White wrote: >> Following instructions from here… >> >> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/migrating-ipa-proc.html >> >> >> >> RHEL6 server >> >>

[Freeipa-users] Using SSH from Active Directory machines for FreeIPA clients with kerberos tickets

Hi everyone. I've seen these guides: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/trust-ssh.html https://docs.fedoraproject.org/en-US/Fedora/18/html/FreeIPA_Guide/trust-ssh.html