For the error in the krb5_child.log
(Tue Mar 15 04:35:51 2016) [[sssd[krb5_child[13708
[sss_child_krb5_trace_cb] (0x4000): [13708] 1458016551.87210: Received
error from KDC: -1765328359/Additional pre-authentication required
I deleted the sssd cache as well as the /tmp/krb5* and restarted
lejeczek wrote:
> with...
>
> ipa: ERROR: group LDAP search did not return any result (search base:
> ou=groups,dc=ccnr,dc=biotechnology, objectclass: groupofuniquenames,
> groupofnames)
>
> I see users went in but later I realized that current samba's ou was
> "group" not groups.
> Can I just
with...
ipa: ERROR: group LDAP search did not return any result
(search base: ou=groups,dc=ccnr,dc=biotechnology,
objectclass: groupofuniquenames, groupofnames)
I see users went in but later I realized that current
samba's ou was "group" not groups.
Can I just re-run migrations?
many
All,
I am trying to setup delegation from OpenUnison to both the IPAWeb
application and to Cockpit. I'm using a single reverse proxy for both
and the same SPN and keytab for both. The integration with ipaweb
went perfectly using these instructions I built:
On Mon, Mar 14, 2016 at 09:35:15AM +0100, Ludwig Krispenz wrote:
>
> On 03/12/2016 04:02 PM, Andrew E. Bruno wrote:
> >On Wed, Mar 09, 2016 at 06:08:04PM +0100, Ludwig Krispenz wrote:
> >>On 03/09/2016 05:51 PM, Andrew E. Bruno wrote:
> >>>On Wed, Mar 09, 2016 at 05:21:50PM +0100, Ludwig Krispenz
I see that now, thanks for the link. Ill give those patches a whirl.
On Mon, Mar 14, 2016 at 7:49 AM, Sumit Bose wrote:
> On Mon, Mar 14, 2016 at 07:28:01AM -0700, Brad Bendy wrote:
>> HI,
>>
>> I have OTP setup and working just fine for logging into any servers,
>> when
On Mon, Mar 14, 2016 at 07:28:01AM -0700, Brad Bendy wrote:
> HI,
>
> I have OTP setup and working just fine for logging into any servers,
> when attempting to run any command with sudo I get a "First factor:"
> prompt, I have entered my normal password but it fails. This only
> happens when OTP
HI,
I have OTP setup and working just fine for logging into any servers,
when attempting to run any command with sudo I get a "First factor:"
prompt, I have entered my normal password but it fails. This only
happens when OTP is on, with OTP off sudo works like you would think.
The logs on the
Hi Daryl,
Thanks for all the data. I will look at the pstacks. A first look shows
that you capture import, bind... so may be a complete
ipa-replica-install session.
I will try to retrieve the specific startup time to see what was going
on at that time.
If you have the time to monitor only
On 14/03/16 12:21, Alexander Bokovoy wrote:
On Mon, 14 Mar 2016, Jan Pazdziora wrote:
On Sun, Mar 13, 2016 at 03:34:27PM +0200, Alexander
Bokovoy wrote:
On Sun, 13 Mar 2016, lejeczek wrote:
>IPA install process configured in sssd.conf:
>[domain/new.Domain]
>cache_credentials = True
On Mon, 14 Mar 2016, Jan Pazdziora wrote:
On Sun, Mar 13, 2016 at 03:34:27PM +0200, Alexander Bokovoy wrote:
On Sun, 13 Mar 2016, lejeczek wrote:
>IPA install process configured in sssd.conf:
>[domain/new.Domain]
>cache_credentials = True
>krb5_store_password_if_offline = True
>ipa_domain =
I set up freeipa in my environment and works perfectly.
But just on one host , I am not able to authenticate. I get a permission
denied eror.
The sssd version I have is 1.12
the krb5_child log does point to some error,
krb5_child.log
(Mon Mar 14 12:02:27 2016) [[sssd[krb5_child[11862
On Sun, Mar 13, 2016 at 03:34:27PM +0200, Alexander Bokovoy wrote:
> On Sun, 13 Mar 2016, lejeczek wrote:
> >IPA install process configured in sssd.conf:
> >[domain/new.Domain]
> >cache_credentials = True
> >krb5_store_password_if_offline = True
> >ipa_domain = newDomain
> >id_provider = ipa
>
On Mon, 14 Mar 2016, thierry bordaz wrote:
Hi Daryl,
As soon as initialized with +15 users, DS instance starts in more
than a minute.
I guess a plugin startup may delay the DS startup itself and some
pstack during that minute will give us some info.
Regarding the krb authentication this
Hi Daryl,
As soon as initialized with +15 users, DS instance starts in more
than a minute.
I guess a plugin startup may delay the DS startup itself and some pstack
during that minute will give us some info.
Regarding the krb authentication this is difficult to say if they are
delayed by
... expected when a non-member ssh connect to a domain member?
hi everybody.
or I missed something, I probably have, right?
I see these in the logs and just after a successful ssh:
sshd[17245]: Accepted publickey for root from.
do I need to add non-member keys to IPA? Is this normal
On 03/12/2016 04:02 PM, Andrew E. Bruno wrote:
On Wed, Mar 09, 2016 at 06:08:04PM +0100, Ludwig Krispenz wrote:
On 03/09/2016 05:51 PM, Andrew E. Bruno wrote:
On Wed, Mar 09, 2016 at 05:21:50PM +0100, Ludwig Krispenz wrote:
[09/Mar/2016:11:33:03 -0500] NSMMReplicationPlugin - changelog
Hi!
On Mon, Mar 7, 2016 at 11:20 PM, Rob Crittenden wrote:
> It may be preferable to label the /var/lib/puppet/ssl/* directories as
> certmonger_var_lib_t but I don't know what would do to puppet. You could
> trade one problem for another. A BZ against selinux might be
18 matches
Mail list logo