[Freeipa-users] [solved] Re: ipa-replica-install fails: "an internal error has occurred" on Remote master - DBusException: org.freedesktop.DBus.Error.ServiceUnknown: The name org.freeipa.server was no

Hi 2017-01-17 15:53 GMT+01:00 Alexander Skwar > As you can see, the RHEL system does have a "org.freeipa.server". > The Xenial system does not. > > Any ideas, why that might be missing? Timo Aaltonen has helped me to find the issue on the launchpad bug. The oddjob service

Re: [Freeipa-users] ipa-replica-install fails: "an internal error has occurred" on Remote master - DBusException: org.freedesktop.DBus.Error.ServiceUnknown: The name org.freeipa.server was not provide

Hello again already… 2017-01-17 15:24 GMT+01:00 Alexander Skwar <alexanders.mailinglists+nos...@gmail.com>: … > [Tue Jan 17 16:06:05.825724 2017] [wsgi:error] [pid 21773:tid > 139626190206720] ipa: INFO: [jsonserver_kerb] ad...@unix.ewadmin.ch: > ping(version=u'2

[Freeipa-users] ipa-replica-install fails: "an internal error has occurred" on Remote master - DBusException: org.freedesktop.DBus.Error.ServiceUnknown: The name org.freeipa.server was not provided by

Hello Using freeipa 4.3.1-0ubuntu1 on Ubuntu 16.04 servers. I have setup a FreeIPA master server with the following commands: apt install freeipa-server ipa-server-install --setup-dns --mkhomedir --auto-forwarders \ --no-reverse --hostname=ewserv-auth01-prod.unix.ewadmin.ch \

Re: [Freeipa-users] LDAP access for user authentication?

Hello Rob 2016-05-18 16:21 GMT+02:00 Rob Crittenden <rcrit...@redhat.com>: > Alexander Skwar wrote: >> >> Hello Rob >> >> 2016-05-12 0:06 GMT+02:00 Rob Crittenden <rcrit...@redhat.com>: >>> >>> >>> Alexander Skw

Re: [Freeipa-users] LDAP access for user authentication?

Hello Rob 2016-05-12 0:06 GMT+02:00 Rob Crittenden <rcrit...@redhat.com>: > > Alexander Skwar wrote: >> The WAF would then send username and password to FreeIPA (using LDAP) >> and would need to get back, whether the combination was good or not. >> >>

[Freeipa-users] LDAP access for user authentication?

the combination was good or not. Is that scenario doable with FreeIPA and LDAP? Would anyone maybe even know of some good howtos or links? Any gotchas, that we'd need to be aware of? Thanks a lot and „Viele Grüße”  Alexander Skwar -- Manage your subscription for the Freeipa-users mailing list: https

Re: [Freeipa-users] HBAC - Limit SSH access to "test" systems

Hello Alexander ;) 2015-11-30 10:38 GMT+01:00 Alexander Bokovoy : > HBAC is enforced by SSSD over PAM. All you need to ensure is that an > application (sshd in this case) uses PAM. Then you setup HBAC rules, > disable allow_all rule, and then SSSD will verify rules on logon

[Freeipa-users] HBAC - Limit SSH access to "test" systems

Hello I'm trying to setup our FreeIPA 4.1.0 (RHEL 7) servers with Ubuntu 14.04 FreeIPA 3.3.4 clients so, that users in a user group called "customers" can only access hosts, which are in a host group called "test". Users from the user group "ops" should be able to access all systems (ie. "prod"

Re: [Freeipa-users] ssh and sudo password authentication not working with freeipa-client 3.3.4-0ubuntu3.1 on Ubuntu 14.04

right. I'm attaching the log. Best regards, Alexander 2015-10-06 15:01 GMT+02:00 Sumit Bose <sb...@redhat.com>: > On Tue, Oct 06, 2015 at 11:26:42AM +0200, Alexander Skwar wrote: > > Hi > > > > With further debugging, I discovered, that I messed up the > > /

Re: [Freeipa-users] ssh and sudo password authentication not working with freeipa-client 3.3.4-0ubuntu3.1 on Ubuntu 14.04

se letters. After having changed that to uppercase letters (ie. "krb5_realm = CUSTOMER.COMPANY.INTERNAL"), it works fine. Thanks for your time and help ;) Cheers, Alexander 2015-10-05 14:07 GMT+02:00 Sumit Bose <sb...@redhat.com>: > On Mon, Oct 05, 2015 at 09:00:13AM +0200,

Re: [Freeipa-users] ssh and sudo password authentication not working with freeipa-client 3.3.4-0ubuntu3.1 on Ubuntu 14.04

-k". Also after the "kinit -k", nothing is in the krb5_child.log. Regards, Alexander 2015-10-02 17:59 GMT+02:00 Jakub Hrozek <jhro...@redhat.com>: > On Fri, Oct 02, 2015 at 04:28:57PM +0200, Alexander Skwar wrote: > > Hello > > > > How do I get pass

Re: [Freeipa-users] ssh and sudo password authentication not working with freeipa-client 3.3.4-0ubuntu3.1 on Ubuntu 14.04

Hi Hm, when I'm root, "kinit -k" works: # kinit -k # Just not as a user. As a user, I get the "kinit: Permission denied while getting initial credentials" error message. Regards, Alexander 2015-10-05 9:00 GMT+02:00 Alexander Skwar < alexanders.mailinglists+nos...@g

[Freeipa-users] ssh and sudo password authentication not working with freeipa-client 3.3.4-0ubuntu3.1 on Ubuntu 14.04

Hello How do I get password authentication to work with freeipa-client 3.3.4-0ubuntu3.1 on Ubuntu 14.04 for ssh and sudo? Long version follows :) We've got an IPA server with the Red Hat Identity Management server on RHEL 7.1 servers; FreeIPA v4.1.0 is being used there. I configured users and