g...@greg-gilbert.com wrote:
> Rob, here's what I see in that log:
>
> 2017-04-19T21:18:23Z DEBUG Using servers from command line, disabling
> DNS discovery
> 2017-04-19T21:18:23Z DEBUG will use provided server: ipa.services.foo
> 2017-04-19T21:18:23Z DEBUG will use discovered realm:
Follow-up: I guess I can leave off the --hostname part of it and it
doesn't change the hostname.
On 2017-04-19 17:25, g...@greg-gilbert.com wrote:
> Rob, here's what I see in that log:
>
> 2017-04-19T21:18:23Z DEBUG Using servers from command line, disabling DNS
> discovery
>
Rob, here's what I see in that log:
2017-04-19T21:18:23Z DEBUG Using servers from command line, disabling
DNS discovery
2017-04-19T21:18:23Z DEBUG will use provided server: ipa.services.foo
2017-04-19T21:18:23Z DEBUG will use discovered realm: IPA.SERVICES.FOO
2017-04-19T21:18:23Z DEBUG will use
Hi Greg,
> I'm trying to set up a rule based on server hostname. So for example, 10.100.*
> would be put into the 'developers' hostgroup. I can't figure out the proper
> format of the inclusive regex. I've tried:
I believe that your regex needs to match the host name, not the IP address.
g...@greg-gilbert.com wrote:
> When the instances register themselves with FreeIPA, their hostnames get
> changed to match their IP; that's a FreeIPA rule, I believe. So in this
> case, the hostname is 10.100.*.
>
> ubuntu@10:~$ hostname
> 10.100.15.130
There is something very wrong. ipa-client
Cox, Jason wrote:
> Hi all,
>
>
>
> I had to reinstall my IPA setup, so I’m using 4.4 and am learning the
> newer domain levels and topology features.
>
> I’ve installed 3 servers.
>
> I promoted one of the replicas to master and demoted the original master
> to replica according to the
Hi all,
I had to reinstall my IPA setup, so I'm using 4.4 and am learning the newer
domain levels and topology features.
I've installed 3 servers.
I promoted one of the replicas to master and demoted the original master to
replica according to the documentation.
I ran into an issue with the
When the instances register themselves with FreeIPA, their hostnames get
changed to match their IP; that's a FreeIPA rule, I believe. So in this
case, the hostname is 10.100.*.
ubuntu@10:~$ hostname
10.100.15.130
On 2017-04-19 14:53, Jason B. Nance wrote:
> Hi Greg,
>
>> I'm trying to set up
I'm trying to set up a rule based on server hostname. So for example,
10.100.* would be put into the 'developers' hostgroup. I can't figure
out the proper format of the inclusive regex. I've tried:
* 10.100.*
* 10\.100.*
* 10\.100
* .*100.*
and a few other
On 04/19/2017 12:31 PM, Martin Bašti wrote:
On 17.04.2017 19:42, David Goudet wrote:
Hi,
Nobody has response about my questions?
The main question is: Is it possible to configure SSSD to update DNS
(option dyndns_update) with only IP address "primary" in ip addr list
or which is used to
IPA servers always check if DNSSEC is working on forwarders, but it is
just warning. If you have disabled dnssec in named.conf then it is okay.
I'm not sure why sometimes you see this warning and sometimes don't,
maybe inconsistent replies from forwarder.
domain ".internal" should always
My configuration is a single ipa server and both the code path and the bash
prompt path are running on the node that is also running the ipa server. I
thought that since FreeIPA was installed with --no-dnssec-validation that I
should never see this warning. And I confirmed that both
I am trying to automount homeshares (defined in FreeIPA). Now I ran into
a problem with oddjob_mkhomedir.
By default an AD user would get a homedir that looks like
/home/domain/user
In this case oddjob_mkhomedir creates the domain-directory but not more.
If I configure a client to use
On 17.04.2017 19:42, David Goudet wrote:
Hi,
Nobody has response about my questions?
The main question is: Is it possible to configure SSSD to update DNS
(option dyndns_update) with only IP address "primary" in ip addr list
or which is used to FreeIPA server communication (-IP1- used on
On 12.04.2017 23:06, Jeremy Utley wrote:
Hello all! We've got 2 replicated instances of FreeIPA 4.4.0 from the
EPEL repository running on fully-updated CentOS 7 instances. We're
going thru an audit right now, and I have to provide some proof of
certain things related to IPA to our
Hi,
I am implementing automounted home shares for all my IPA users. When
thinking a little more about the topic two fundamental questions arose:
- Is it a good idea to automount /home even if no local users exist at
the moment?
- Would it be better to leave local users in /home and place IPA
On 13.04.2017 22:50, Dan Dietterich wrote:
I am seeing inconsistent results configuring a DNS forward zone.
At a bash prompt, as root, after kinit admin, I do:
ipa dnsforwardzone-add domain.internal --forwarder= ww.xx.yy.zz
--forward-policy=only
That works fine and does not warn about
17 matches
Mail list logo