access_provider = ipa
krb5_store_password_if_offline = True
ipa_server = _srv_
ldap_tls_cacert = /etc/ipa/ca.crt
krb5_realm = SFMC.CO
krb5_changepw_principle = kadmin/changepw
krb5_auth_timeout = 15
ipa_hostname = vm3118.dev.ca1.sfmc.co
--
Terry Soucy - Systems Engineer
Salesforce MarketingCloud - http
A DNS slave here is no different. The slave does not get its
information from IPA. It gets it from a basic zone update from the
master. Configure your slave like you would configure any other DNS
slave.
Terry
Sent from my iPhone
On Jan 28, 2014, at 7:48 AM, Choudhury, Suhail
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
--
Terry Soucy - Systems Engineer
Salesforce MarketingCloud - http://www.salesforce.com
(o) 506.631.7445 (c) 506.609.3247 | (e) tso...@salesforce.com
to no replication, etc, etc. I need to sync the ldap/serverB
service principal on Server A with the ldap/serverB service principal on
Server B. Is there a way to do that, or am I looking at a re-init of server
B?
Terry
--
Terry Soucy - Systems Engineer
Salesforce MarketingCloud - http
I have the keytab with the oldest version number shown in the kvno command,
but when I put that into place, I get no joy.
Terry
On Wed, Nov 20, 2013 at 4:05 PM, Terry Soucy tso...@salesforce.com wrote:
The service principal ldap/serverB was exported but not put into place at
/etc/dirsrv
file, I get one version number. If I export from server B, I
get an older version number. When I use the kvno command, I get an even
older number.
Terry
On Wed, Nov 20, 2013 at 3:56 PM, Rich Megginson rmegg...@redhat.com wrote:
On 11/20/2013 12:37 PM, Terry Soucy wrote:
I am currently
'
Terry
On Wed, Nov 20, 2013 at 4:21 PM, Rob Crittenden rcrit...@redhat.com wrote:
Terry Soucy wrote:
I have the keytab with the oldest version number shown in the kvno
command, but when I put that into place, I get no joy.
A lot more details are required. Did you change or renew the keytab
on
that require replication with regards to dns, users, hosts, etc, so I'm not
sure why it would take so long. Also, can I remove the SASL bind and just
add a replication user to the dse.ldif to remove the requirement for
kerberos for replication?
Terry
--
Terry Soucy - Systems Engineer
Salesforce