Hello, I'm trying to setup a partial replica of the LDAP tree stored in
389-ds by FreeIPA 4.1 (under CentOS 7), so that legacy systems have a
local copy of the data needed to authenticate.
Those systems have already OpenLDAP installed, so I 'm trying to enable
syncrepl from DS to OL.
I followed
Hello Michael,
It is possible that this problem comes from obsolete package in the
mkosek/freeipa COPR repo, which was fixed in Fedora/RHEL, but not there.
Can you please try to update the 389-ds-base from
https://copr.fedoraproject.org/coprs/mkosek/freeipa/
? I rebuilt the latest F21
Unfortunately sudo package included in amzn linux does not work with sudo rules
provided via SSS however it is in the feature requests list.
To workaround this you can replace it with the CentOS one:
http://mirror.centos.org/centos/6.7/os/x86_64/Packages/sudo-1.8.6p3-19.el6.x86_64.rpm
Hi,
can you try to get a core dump:
http://directory.fedoraproject.org/docs/389ds/FAQ/faq.html#debug_crashes
and open a ticket for 389 DS: https://fedorahosted.org/389/newticket
Ludwig
On 09/24/2015 09:08 AM, Nicola Canepa wrote:
Hello, I'm trying to setup a partial replica of the LDAP tree
On 09/23/2015 10:05 PM, Janelle wrote:
> On 9/13/15 11:46 PM, Alexander Bokovoy wrote:
>> On Sun, 13 Sep 2015, Janelle wrote:
>>> Hello,
>>>
>>> I read something recently that if ip v6 is disable on a server this
>>> hurts performance in some way? Is there more info on this or did I
>>> misread
On 09/23/2015 05:27 PM, Andrew Holway wrote:
> Hi,
>
> When a user changes their password the ipa gui briefly redirects to a login
> page. The user often has an impulse to click on the login button which, on
> occasion, can seem to cause a mess with the password change.
>
> Anyone else aware of
Hello Andy,
I understand that you run sssd-1.12.4-47.el6.x86_64 on ipa client, right?
What version of SSSD do you run on ipa server?
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on
On 09/23/2015 04:32 PM, bahan w wrote:
> Hello !
>
> I'm using IPA 3.0.0 and I have a problem with one of the user I created.
> user3
>
> I created this user with the command ipa user-add without specifying any
> password.
> Then I performed an ipa-getkeytab command with the -P option to have a
On Thu, 2015-09-24 at 08:23 +0300, Alexander Bokovoy wrote:
> You need to explain what are you trying to achieve first.
Sure. It is entirely likely that I am misunderstanding what I should
be doing.
A system service needs to be able to authenticate to the service
imap/linux.example.com as a
On 09/24/2015 02:50 PM, Andy Thompson wrote:
-Original Message-
From: freeipa-users-boun...@redhat.com [mailto:freeipa-users-
boun...@redhat.com] On Behalf Of Pavel Reichl
Sent: Thursday, September 24, 2015 5:18 AM
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] rhel 6.7
On Thu, 24 Sep 2015, Janelle wrote:
On 9/24/15 12:57 AM, Martin Kosek wrote:
On 09/23/2015 10:05 PM, Janelle wrote:
On 9/13/15 11:46 PM, Alexander Bokovoy wrote:
On Sun, 13 Sep 2015, Janelle wrote:
Hello,
I read something recently that if ip v6 is disable on a server this
hurts performance
> -Original Message-
> From: freeipa-users-boun...@redhat.com [mailto:freeipa-users-
> boun...@redhat.com] On Behalf Of Pavel Reichl
> Sent: Thursday, September 24, 2015 5:18 AM
> To: freeipa-users@redhat.com
> Subject: Re: [Freeipa-users] rhel 6.7 upgrade - sssd/sudo
>
> Hello Andy,
>
>
On Thu, 24 Sep 2015, Andy Thompson wrote:
-Original Message-
From: Alexander Bokovoy [mailto:aboko...@redhat.com]
Sent: Thursday, September 24, 2015 1:17 AM
To: Andy Thompson
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] IPA server failover
On Wed,
On 24.9.2015 15:29, Alexander Bokovoy wrote:
> On Thu, 24 Sep 2015, Andy Thompson wrote:
>>> -Original Message-
>>> From: Alexander Bokovoy [mailto:aboko...@redhat.com]
>>> Sent: Thursday, September 24, 2015 1:17 AM
>>> To: Andy Thompson
>>> Cc:
> -Original Message-
> From: freeipa-users-boun...@redhat.com [mailto:freeipa-users-
> boun...@redhat.com] On Behalf Of Jakub Hrozek
> Sent: Wednesday, September 23, 2015 4:54 PM
> To: freeipa-users@redhat.com
> Subject: Re: [Freeipa-users] sssd public socket error
>
> On Wed, Sep 23,
> -Original Message-
> From: Alexander Bokovoy [mailto:aboko...@redhat.com]
> Sent: Thursday, September 24, 2015 1:17 AM
> To: Andy Thompson
> Cc: freeipa-users@redhat.com
> Subject: Re: [Freeipa-users] IPA server failover
>
> On Wed, 23 Sep 2015, Andy Thompson
On 9/24/15 12:57 AM, Martin Kosek wrote:
On 09/23/2015 10:05 PM, Janelle wrote:
On 9/13/15 11:46 PM, Alexander Bokovoy wrote:
On Sun, 13 Sep 2015, Janelle wrote:
Hello,
I read something recently that if ip v6 is disable on a server this
hurts performance in some way? Is there more info on
Ok it will take me a while to get my test environment setup to match what I
have in prod currently and I can do some testing at that point in time.
-andy
From: Pavel Reichl
Sent: Thursday, September 24, 2015 9:43 AM
To: Andy
Hi
I have 3 problems/questions with ipa and sudo...
1. How to make a GLOBAL sudo rule with all the options what I want to
have? (e.g. !authenticate). I have tried to make a sudo rule for all users
on all hosts whom all users but without command and it doesnt work... Do I
need to set it for
On 09/24/2015 08:32 AM, Aric Wilisch wrote:
I need a way to validate that both the primary and the redundant FreeIPA
server’s DNS zones are in sync. What’s the simplest way for me to do this?
Do a DNS query to confirm that the SOA record for the primary is
identical to the SOA for the
> -Original Message-
> From: freeipa-users-boun...@redhat.com [mailto:freeipa-users-
> boun...@redhat.com] On Behalf Of Petr Spacek
> Sent: Thursday, September 24, 2015 9:50 AM
> To: freeipa-users@redhat.com
> Subject: Re: [Freeipa-users] IPA server failover
>
> On 24.9.2015 15:29,
On 09/24/2015 04:43 PM, Rich Megginson wrote:
On 09/24/2015 08:32 AM, Aric Wilisch wrote:
I need a way to validate that both the primary and the redundant
FreeIPA server’s DNS zones are in sync. What’s the simplest way for
me to do this?
Do a DNS query to confirm that the SOA record for
I need a way to validate that both the primary and the redundant FreeIPA
server’s DNS zones are in sync. What’s the simplest way for me to do this?
My boss won’t let me continue with an upgrade until he’s sure the primary and
redundant servers have the same DNS records and are in sync. I’ve
On 09/24/2015 08:53 AM, Martin Basti wrote:
On 09/24/2015 04:43 PM, Rich Megginson wrote:
On 09/24/2015 08:32 AM, Aric Wilisch wrote:
I need a way to validate that both the primary and the redundant
FreeIPA server’s DNS zones are in sync. What’s the simplest way for
me to do this?
Do a
On 09/24/2015 09:24 AM, Aric Wilisch wrote:
Is there a way of exporting the DNS information out of Freeipa? Then I could
just do a diff on the export from master and replica.
That's what Martin was suggesting you use dnspython to do.
On Sep 24, 2015, at 11:13 AM, Martin Basti
On 09/24/2015 05:02 PM, Rich Megginson wrote:
On 09/24/2015 08:53 AM, Martin Basti wrote:
On 09/24/2015 04:43 PM, Rich Megginson wrote:
On 09/24/2015 08:32 AM, Aric Wilisch wrote:
I need a way to validate that both the primary and the redundant
FreeIPA server’s DNS zones are in sync.
Is there a way of exporting the DNS information out of Freeipa? Then I could
just do a diff on the export from master and replica.
> On Sep 24, 2015, at 11:13 AM, Martin Basti wrote:
>
>
>
> On 09/24/2015 05:02 PM, Rich Megginson wrote:
>> On 09/24/2015 08:53 AM, Martin
27 matches
Mail list logo