Michael Plemmons wrote:
> I just realized that I sent the reply directly to Rob and not to the
> list. My response is inline
Ok, this is actually good news.
I made a similar proposal in another case and I was completely wrong.
Flo had the user do something and it totally fixed their auth error,
rajkumar wrote:
> Hello freeipa team,
>
> I have download freeipa4.4.4.tar.gz and I need to setup freeipa project
> as a local environment(to customize via IDE like eclipse) for
> customization. suggest me how can do that. or any reference link.
I'd start with the BUILD file in the tree.
rob
On 03/05/2017 15:05, Brian Candler wrote:
It turns out we had another 16.04 machine which was working fine. But
as soon as I updated its sudo from 1.8.16-0ubuntu1.2 to
1.8.16-0ubuntu1.3, it stopped working too.
So it looks like I have a reproducing case for this and I can
investigate further
Detlev Habicht wrote:
> Hello,
>
> i need a simple, plain LDAP bind for authentication for a host,
> which is not part of my IPA domain.
>
> Something like this is working in the domain:
>
> ldapsearch -vx -H ldaps://xxx.yyy.intern -b "cn=accounts,dc=yyy,dc=intern"
>
> My problem is, it is
I just realized that I sent the reply directly to Rob and not to the list.
My response is inline
*Mike Plemmons | Senior DevOps Engineer | CROSSCHX*
614.427.2411
mike.plemm...@crosschx.com
www.crosschx.com
On Thu, May 4, 2017 at 9:39 AM, Michael Plemmons <
michael.plemm...@crosschx.com>
Seems like it works now, almost perfectly.
I was able to get ipa-ca-install to run using an old replica package file
(replica-info-xxx.gpg), by hacking the script to disable a check for existing
CA, and by deleting things left over from the failed installation:
- Certs in /etc/httpd/alias and
On Fri, May 05, 2017 at 11:58:42AM +, Lakshan Jayasekara wrote:
> Ipa user authentication failure on centos client. Login using a valid account
> and login success for other ipa client servers. It would be great if you can
> provide any hind or any modification to overcome the situation.
Ipa user authentication failure on centos client. Login using a valid account
and login success for other ipa client servers. It would be great if you can
provide any hind or any modification to overcome the situation.
Below is the audit log
type=USER_START msg=audit(1493987877.034:112):
IPA user cannot login to the target centos system using the ssh. User and the
password are valid and can access IPA server.
Lakshanth Chandika Jayasekara
[cid:image001.png@01D1F258.46575F30]
Senior Systems Engineer
Mobile:+94 77 294 0396 | Dir:+94 11 235 6949
General:+94 11 235 6900 Ext:
Hi Simo
Thanks, I was hoping you would throw your hat in the ring!
The background to the question, is that I have a throwaway Python Kerberos
Client using the GSS-API that caches service tickets, an a non-throwaway
Java Kerberos Client, also using the GSS-API that does not (yet) cache
service
On Thu, 2017-05-04 at 18:02 +0200, Christopher Lamb wrote:
> Hi All
>
> Is the following statement correct?
>
> "If a kerberos client (e.g. a FreeIPA client) holds a service ticket
> to a service principal in its credentials cache, it no longer needs
> to interact with the KDC to access the
Hello All,
We have FreeIPA running on Centos7
[root@freeipa03 ~]# cat /etc/*release
CentOS Linux release 7.2.1511 (Core)
Not fully updated but that is planned.
[root@freeipa03 ~]# yum list installed | grep ipa
ipa-admintools.x86_64 4.2.0-15.0.1.el7.centos.19
@updates
On Wed, May 03, 2017 at 11:28:18AM +0200, Tiemen Ruiten wrote:
> Tickets on the FreeIPA host after connecting (with a password):
>
> [adm.tie...@clients.rdmedia.com@neodymium ~]$ klist
> Ticket cache: KEYRING:persistent:998801112:krb_ccache_ZzERoB1
> Default principal:
Hello,
i need a simple, plain LDAP bind for authentication for a host,
which is not part of my IPA domain.
Something like this is working in the domain:
ldapsearch -vx -H ldaps://xxx.yyy.intern -b "cn=accounts,dc=yyy,dc=intern"
My problem is, it is only working with the hostname
14 matches
Mail list logo