[Freeipa-users] Any passwd vault examples?

2017-05-15 Thread Kat
Hi all -- Just wondering if there are any good examples of using the vault features to securely store and use passwords? I have devs that like to store them in git and well, I will discipline them appropriately, but I wanted to see about using the vault. Is it as simple as it appears to be? Just

Re: [Freeipa-users] External cert with correct CSR?

2017-05-02 Thread Kat
Yeah, after I sent this email, I realized what I was trying to do and that, "Oh wait, this is not really going to work." For what it is worth - version on RHEL 7.3 - 4.4.0-14.el7_3.7 -K On 5/2/17 11:04 AM, Rob Crittenden wrote: Kat wrote: Hi all, I am somewhat confused try

[Freeipa-users] External cert with correct CSR?

2017-05-02 Thread Kat
Hi all, I am somewhat confused trying to get the process of using an external cert for IPA. If I follow step 1: ipa-server-install -a Secret123 -p Secret123 -r EXAMPLE.COM --external-ca -U This does indeed generate a CSR, but trying to do anything with this CSR has no success since it is

[Freeipa-users] Signed cert/CA and updating certs?

2017-04-26 Thread Kat
about it more, if I am signing certs based on LE's Cert, that might be a bad thing from their standpoint... Just thinking out loud and looking for some input. Kat -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http

Re: [Freeipa-users] weird conflicts in AWS EC2 install

2017-04-25 Thread Kat
e troubled you. Kat On 4/25/17 9:30 AM, Martin Bašti wrote: FreeIPA conflicts shouldn't prevent installing of other packages. For me it looks like "python-zope-interface" is missing. On 25.04.2017 16:27, Kat wrote: Yes- this comes after IPA is installed and running (this is actuall

Re: [Freeipa-users] weird conflicts in AWS EC2 install

2017-04-25 Thread Kat
force yum to just do the install anyway unless you download the packages directly and use rpm to install. Is that the suggestion here? Thanks On 4/25/17 9:22 AM, Martin Bašti wrote: Hello, comments inline On 25.04.2017 16:06, Kat wrote: Hi all, Trying to get letsencrypt working for an AW

[Freeipa-users] weird conflicts in AWS EC2 install

2017-04-25 Thread Kat
ver-common-4.4.0-14.el7_3.7.noarch has installed conflicts freeipa-server-common: ipa-server-common-4.4.0-14.el7_3.7.noarch Any ideas? Maybe this is something known in the AWS world? Thanks Kat

[Freeipa-users] migrting just pws?

2014-09-14 Thread Kat
Trying to figure out a way to migrate just the user PWs - since all the users were created with a script in the new layout, but I want to bring over their old PWs, hashed of course, to the new IPA server. Just thought I would check to see if anyone has tried to do that before? ~k

[Freeipa-users] 4.0.2-1 not ready for primetime or testing?

2014-09-10 Thread Kat
Trying to do some testing with 4.0.2-1 on FC22/rawhide -- the install blows up: Configuring directory server (dirsrv): Estimated time 10 seconds [1/3]: configuring ssl for ds instance [2/3]: restarting directory server ipa : CRITICAL Failed to restart the directory server. See the

[Freeipa-users] unhappy replication?

2014-09-09 Thread Kat
Anyone seen this before -- 2 freshly kicked CentOS 7 installs: On the replica from the ipa-replica-install : reports: Update failed! Status: [10 Total update abortedLDAP error: Referral] Your system may be partly configured. Run /usr/sbin/ipa-server-install --uninstall to clean up. and then

Re: [Freeipa-users] unhappy replication?

2014-09-09 Thread Kat
there is nothing there. I guess time to go digging around. It is 3.3.3 on CentOS 7.. I'll let you know if I find anything else. Thanks. On 9/9/14 7:56 AM, Rich Megginson wrote: On 09/09/2014 08:39 AM, Kat wrote: Anyone seen this before -- 2 freshly kicked CentOS 7 installs: On the replica

Re: [Freeipa-users] unhappy replication?

2014-09-09 Thread Kat
-- a problem with migration settings?? On 9/9/14 8:25 AM, Rich Megginson wrote: On 09/09/2014 09:20 AM, Kat wrote: This brings up a question - if I just installed a master -- shouldn't I be able to create the replica immediately after (even if I did a migration from an old LDAP server?) Yes. Am I

Re: [Freeipa-users] unhappy replication?

2014-09-09 Thread Kat
The problem I see is simple - not being able to add additional replicas after the migration? On 9/9/14 9:24 AM, Rich Megginson wrote: On 09/09/2014 10:12 AM, Kat wrote: Well - here is the problem and solution: Fails every time: Install master, enable migration, migrate existing LDAP config

Re: [Freeipa-users] unhappy replication?

2014-09-09 Thread Kat
On 9/9/14 3:18 PM, Dmitri Pal wrote: On 09/09/2014 12:55 PM, Rich Megginson wrote: On 09/09/2014 10:41 AM, Kat wrote: The problem I see is simple - not being able to add additional replicas after the migration? What I meant to say is - Is the workaround of setting replication first

Re: [Freeipa-users] unhappy replication?

2014-09-09 Thread Kat
some stats: ~2000 users ~275 groups ~largest groups = 150+ users (a couple dozen of these) ~K On 9/9/14 4:32 PM, Dmitri Pal wrote Well may be the data is so big that the replication gets stuck? May be there is some huge group membership issue or something like. Do you have a huge group?

[Freeipa-users] Migration works on 3 but not 4?

2014-08-26 Thread Kat
Hi all... Migrating from Open LDAP and it works fine to FreeIPA to 3.x but 4.x I get migration errors? /Constraint violation: invalid password syntax - passwords with storage scheme are not allowed/ I did find one reference to this in the archives, but it references 389-ds 1.3.2.20 and i

[Freeipa-users] IPA 3 client and IPA 4 server

2014-08-23 Thread Kat
Hi, Wondering about mixed configs and using features from the server such as OTP. Has anyone done this with a v3 client? I know it is mostly sssd, but wondering if there might be any gotchas. Thanks

Re: [Freeipa-users] Centos 7 and 4.0

2014-08-23 Thread Kat
If you look closely, the epel-7 repo is actually empty. There are no packages there. So there are no packages to actually install. Only the fedora repos in that same tree have packages. ~K On 8/23/14 12:29 PM, Dmitri Pal wrote: On 08/23/2014 08:33 PM, Chris Whittle wrote: Thanks Dmitri,

Re: [Freeipa-users] Centos 7 and 4.0

2014-08-23 Thread Kat
I am working on the same thing - specifically I have found the libnl dependencies to be the biggest headache. If I get anywhere over the weekend, I will let you all know. ~K On 8/23/14 12:51 PM, Dmitri Pal wrote: On 08/23/2014 09:46 PM, Chris Whittle wrote: Thanks Kat, so what do I need

[Freeipa-users] getting auth to work with just IPA LDAP

2014-08-13 Thread Kat
Hello fellow IPAers... Just wondering what I might be doing wrong. I have servers that just need to auth to the LDAP username/PW portion of IPA since they can't do Kerberos right now. What could I be missing -- I run the authconfig to setup and verify sssd.conf, but I continue to get:

[Freeipa-users] memberof plugin?

2014-07-31 Thread Kat
Hi, I must be missing something obvious in getting memberof plugin to work.. Any ideas? Thanks in advance... ~K -- ./fixup-memberof.pl -D 'cn=Directory Manager' -b 'dc=red,dc=lemon,dc=com' -w - -v ldap_initialize( ldap://localhost:7389 ) add objectclass: