Re: [Freeipa-users] server 1 and server 2 cannot replicate now may be ssl cert expire

Do u meant the error related to OS? 2016年5月9日 下午7:17 於 "Lukas Slebodnik" 寫道： > On (09/05/16 12:14), Barry wrote: > > Hello Barry, > > > >Can you provide more info? > > > >What is your IPA version, OS? > > > >CENTOS 6.5 > > > Please upgrade to latest CentOS 6.7 >

Re: [Freeipa-users] freeipa as organizational CA

On Mon, May 09, 2016 at 10:23:07PM +0300, Alexander Bokovoy wrote: > On Mon, 09 May 2016, Andy Thompson wrote: > >Is freeipa in RHEL7.2 able to be used as an organizational CA these > >days? I have a requirement to set one up and like the IPA interface > >and tools, but can't sort out the current

Re: [Freeipa-users] freeipa as organizational CA

On Mon, 09 May 2016, Andy Thompson wrote: -Original Message- From: Alexander Bokovoy [mailto:aboko...@redhat.com] Sent: Monday, May 9, 2016 3:23 PM To: Andy Thompson Cc: freeipa-users@redhat.com Subject: Re: [Freeipa-users] freeipa as organizational CA On Mon,

Re: [Freeipa-users] freeipa as organizational CA

On Mon, 09 May 2016, Andy Thompson wrote: Is freeipa in RHEL7.2 able to be used as an organizational CA these days? I have a requirement to set one up and like the IPA interface and tools, but can't sort out the current state in 4.2 to decipher whether this is possible, or even reasonable to

Re: [Freeipa-users] Correct way to install plugins?

Jeffery Harrell wrote: Thanks very much, Rob. Would it be best to install the schema file in …/updates so it lives there permanently, or is it enough to just run it through ipa-ldap-updater the one time? I’m sorry if that’s a dumb question; I’ve only been working with IPA for a couple weeks so

[Freeipa-users] freeipa as organizational CA

Is freeipa in RHEL7.2 able to be used as an organizational CA these days? I have a requirement to set one up and like the IPA interface and tools, but can't sort out the current state in 4.2 to decipher whether this is possible, or even reasonable to try. I need to setup an org sub CA with an

Re: [Freeipa-users] Correct way to install plugins?

Thanks very much, Rob. Would it be best to install the schema file in …/updates so it lives there permanently, or is it enough to just run it through ipa-ldap-updater the one time? I’m sorry if that’s a dumb question; I’ve only been working with IPA for a couple weeks so I’m still working on

Re: [Freeipa-users] Correct way to install plugins?

Jeffery Harrell wrote: Good morning. (It’s morning where I am.) I’ve written several plugins for my deployment, including a DHCP plugin, and I’m trying to figure out the best way to deploy them onto production servers. Let’s start with the schema. I could copy a schema file (e.g., 89dhcp.ldif

Re: [Freeipa-users] export/import users password between two differents IPA environment

Alexandre Ellert wrote: Hello, I have a broken IPA environnment with very few users and groups and I've setup a fresh new installation. I already recreate users and groups and now need to keep old users passwords. Is there a way to copy/paste users password between these two differents IPA ?

[Freeipa-users] Correct way to install plugins?

Good morning. (It’s morning where I am.) I’ve written several plugins for my deployment, including a DHCP plugin, and I’m trying to figure out the best way to deploy them onto production servers. Let’s start with the schema. I could copy a schema file (e.g., 89dhcp.ldif and others) into

[Freeipa-users] ipa-replica-install fails at [6/8]: enable GSSAPI for replication

Attempting to create replica fails during ipa-replica-install. I have attached below what I am seeing during attempting to add a replica into my environment. Currently there are (3) Masters. When I try to add the (4th) it dies. The 4th node will only be able to talk to ipa01-aws, ipa02-aws,

[Freeipa-users] export/import users password between two differents IPA environment

Hello, I have a broken IPA environnment with very few users and groups and I've setup a fresh new installation. I already recreate users and groups and now need to keep old users passwords. Is there a way to copy/paste users password between these two differents IPA ? Thank you for your help

Re: [Freeipa-users] server 1 and server 2 cannot replicate now may be ssl cert expire

On (09/05/16 12:14), Barry wrote: > Hello Barry, > >Can you provide more info? > >What is your IPA version, OS? > >CENTOS 6.5 > Please upgrade to latest CentOS 6.7 there are known bugs in CentOS 6.5 which are already fixed in CentOS 6.7. LS -- Manage your subscription for the

Re: [Freeipa-users] Who uses FreeIPA?

On Mon, 09 May 2016, Martin Basti wrote: On 09.05.2016 00:48, Alexandre de Verteuil wrote: * Alexandre de Verteuil [2016-05-03 15:09] : Tomorrow I am giving a short presentation at my workplace to talk about it and invite other sysadmins to try it. I would like to

Re: [Freeipa-users] Who uses FreeIPA?

On 09.05.2016 00:48, Alexandre de Verteuil wrote: * Alexandre de Verteuil [2016-05-03 15:09] : Tomorrow I am giving a short presentation at my workplace to talk about it and invite other sysadmins to try it. I would like to make a slide showing the current adoption

Re: [Freeipa-users] Duplicate serials in issued ipa certs

All 4 of our ipa servers are RHEL7.2 with IPA 4.2. Last august the original CA master was damaged so I moved the CRL role to another server, decommissioned the machine and deleted all the replication agreements and rebuilt the machine. That machine now appears to have issued the certs that