Re: [Freeipa-users] Installing on Ubuntu 16.04

Don't worry about this during the install from the repository. I also got that installing on Ubuntu recently. Running ipa-server-install later will set up the missing data and pki-tomcat will start fine. At the point apt is trying to start the service it can't start cleanly. The package configure

[Freeipa-users] Chrome 58 Doesn't Trust SSL Certificates Signed by FreeIPA

Yesterday, Chrome on both my Ubuntu and Windows machines updated to version 58.0.3029.81. It appears that this version of Chrome will not trust certificates based on Common Name. Looking at the Chrome documentation and borne out by one of the messages, from Chrome 58, the subjectAltName is

Re: [Freeipa-users] FreeIPA and DHCP

Well, that's true, but I do do it indirectly. I assign fixed addresses for servers by MAC address and host name in DHCP and manage the IP address of that host through FreeIPA DNS. If you tell DHCP that a particular MAC address is a particular host name, when that host requests a DHCP allocated

Re: [Freeipa-users] Google Apps Directory Sync and Free-IPA

I do have it working, but I have Atlassian Crowd sitting between FreeIPA and the Google Apps log in. On 28 Apr 2014 15:44, Simo Sorce s...@redhat.com wrote: On Mon, 2014-04-28 at 08:24 -0400, Dmitri Pal wrote: On 04/28/2014 08:22 AM, Chris Whittle wrote: Ha! that was my thread about SAML vs

[Freeipa-users] Samba 4 with IPA

Hi I don't know if anyone has tried what I want to do, I really just want to know if it's possible at the moment. A few pointers to any information would be helpful too! I have an existing FreeIPA server running on a CentOS machine. It is used to authenticate all users on the network. This works

Re: [Freeipa-users] Samba 4 with IPA

Thanks for all your help. I'll give it a go and see how far I get. On 30 Apr 2013 19:37, Alexander Bokovoy aboko...@redhat.com wrote: On Tue, 30 Apr 2013, simon.williams@thehelpfulcat.**comsimon.willi...@thehelpfulcat.comwrote: That is actually pretty good news. The real requirement is

Re: [Freeipa-users] LDAP authentication for 3rd party

I use Atlassian products, but use Crowd to provide single signon. This means that Crowd is the only application that needs to authenticate against LDAP. I found that I had to tell Crowd that the server was 389 DS. I could not get it to work set to OpenLDAP. Regards Simon On 11 Apr 2013 23:36,

Re: [Freeipa-users] Where has my LDAP server gone!

Thank you, that has solved the issue wonderfully! I do remember the update hanging now you mention it, but I didn't put two and two together! Regards Simon On 7 Apr 2013 21:47, Rob Crittenden rcrit...@redhat.com wrote: Simon Williams wrote: Hi I ran a yum update on my CentOS 6 server

[Freeipa-users] Where has my LDAP server gone!

Hi I ran a yum update on my CentOS 6 server that runs FreeIPA a couple of days ago and it upgraded FreeIPA to version 3. I use a couple of web applications that cannot use Kerberos, but can use LDAP to authenticate. These stopped working. When I investigated the issue, I discovered that the LDAP

[Freeipa-users] mod_nss issue.

can use my SSL secured sites as the encryption works okay, but I cannot open them up as they report the wrong host name in the certificate. Regards Simon Williams ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman

Re: [Freeipa-users] mod_nss issue.

you both for your help. I think that you have prodded me in the right direction for a workaround. Regards Simon Williams On Mon, Oct 8, 2012 at 1:45 PM, Rob Crittenden rcrit...@redhat.com wrote: Alexander Bokovoy wrote: On Mon, 08 Oct 2012, Simon Williams wrote: I have found a problem

[Freeipa-users] Fwd: Re: Certificates for public facing web sites

facing web sites To: Simon Williams simon.willi...@thehelpfulcat.com Cc: freeipa-users@redhat.com Simon Williams wrote: Hi Possibly a bit of a strange requirement, I don't really know! I have a small business and am using IPA to manage our network. I have migrated from an LDAP setup