version: 3.10.0-229.el7.x86_64
Can you provide some hints on this, that would be appreciated.
Matrix--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
No, integrated dns is an optional component of ipa, even for ad integration.
But without integrated DNS, you have to correctly configure all srv records by
manual.
Matrix
-- Original --
From: Iulian Roman <iulian.ro...@gmail.com>
Date: Thu,Feb 23,2
the primary server to use and
fall back to the
server the client is enrolled with. When used in conjunction
with --server then no
_srv_ value is set in the ipa_server option in sssd.conf.
Matrix
-- Original --
From: "R
ver =
ipa_backup_server =
For another half clients,
ipa_server =
ipa_backup_server =
Matrix
-- Original --
From: "Rakesh Rajasekharan";<rakesh.rajasekha...@gmail.com>;
Date: Sat, Jan 21, 2017 08:25 PM
To: "freeipa-users"<freeipa-u
it should be.
you mean 'sss_cache -E' ? i have also tried to use to invalidate everything.
sudo did not trigger any packets between client and server.
Matrix
-- Original --
From: "Fraser Tweedale";<ftwee...@redhat.com>;
Date: Sat, Jan 1
Hi, all
I have removed everything in /var/lib/sss/db. but sudo works fine.
I have also tried to capture sudo search packets with tcpdump. I found that
there is no packets transferred between ipa client and server. I am wondering
where is ipa cache? in memory?
Best Regards
Matrix
-- Original --
From: "Jakub Hrozek";<jhro...@redhat.com>;
Date: Mon, Jan 9, 2017 07:04 PM
To: "Matrix"<matrix...@qq.com>;
Cc: "freeipa-users"<freeipa-users@redhat.com>;
Subject: Re: [Freeipa-users] ipa_serve
to? any parameters I can try?
Best Regards
Matrix--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
ethod=sasl version=3
mech=GSSAPI
[10/Nov/2016:10:46:58 +] conn=816560 op=0 RESULT err=14 tag=97 nentries=0
etime=0, SASL bind in progress
[10/Nov/2016:10:46:58 +] conn=816560 op=-1 fd=189 closed - B1
...
Matrix
-- Original --
From: "Sumit Bose&quo
Matrix
-- Original --
From: "Sumit Bose";<sb...@redhat.com>;
Date: Thu, Nov 10, 2016 06:32 PM
To: "freeipa-users"<freeipa-users@redhat.com>;
Subject: Re: [Freeipa-users] sssd failed with 'ldap_sasl_bind
failed(-2)[Localerror]'
On
: Local error (-2)
additional info: SASL(-1): generic failure: GSSAPI Error: Unspecified
GSS failure. Minor code may provide more information (Mutual authentication
failed)
Matrix
-- Original --
From: "Matrix";<matrix...@qq.com>;
Date: Thu,
Address:10.2.1.21#53
Name: ipaslave.stg.example.net
Address: 10.2.1.250
# nslookup 10.2.1.250
Server: 10.2.1.21
Address:10.2.1.21#53
250.1.2.10.in-addr.arpa name = ipaslave.stg.example.net.
Any hints or troubleshooting ideas would be appreciated.
Matrix--
Manage your
}) 192.168.11.235: TICKET NOT RENEWABLE: authtime 0,
a...@example.net for krbtgt/example@example.net, KDC can't fulfill
requested option
Jun 14 06:22:35 ipaserver.dev.example.net krb5kdc[23368](info): closing down fd
10
..
any suggestions would be appreciated.
Best Regards
Matrix--
Manage
= false
ticket_lifetime = 24h
forwardable = yes
udp_preference_limit = 0
default_ccache_name = KEYRING:persistent:%{uid}
[realms]
EXAMPLE.NET = {
pkinit_anchors = FILE:/etc/ipa/ca.crt
}
[domain_realm]
.dev.example.net = EXAMPLE.NET
dev.example.net = EXAMPLE.NET
Matrix
-EXAMPLE-NET · 06:47 AM Tue May 03 ·
!41 # echo $?
0
Nothing error was reported. Any debug info or log i can provide for further
analysis?
Thanks
Matrix
-- Original --
From: "Petr Vobornik";<pvobo...@redhat.com>;
Date: Mon, May 2, 2016 02:
timedout"
s4_tevent: Schedule immediate event "tevent_req_trigger": 0x7f1c1cb553c0
s4_tevent: Run immediate event "tevent_req_trigger": 0x7f1c1cb553c0
s4_tevent: Destroying timer event 0x7f1c1c0ff6b0
"dcerpc_connect_timeout_handler"
[Sun May 01 13:53:05.420066 2016] [:
that https://bugzilla.redhat.com/show_bug.cgi?id=1249455 did not fixed
it.
Matrix--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
ync to IPA.
For 'trusts' integration method, since user did not sync to IPA at all, how to
set sudo/HBAC rules for users? I have not tried it.
Matrix
-- Original --
From: "Petr Vobornik";<pvobo...@redhat.com>;
Date: Thu, Apr 28, 2016 11:
that for different suffix is supported ? If so, anyone can show some
hint for me to investigate more?
Thanks for your kindly help.
Matrix--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info
19 matches
Mail list logo
