Re: [Freeipa-users] service cert to a host/member/service

2016-05-05 Thread lejeczek
On Wed, 2016-05-04 at 13:26 -0400, Rob Crittenden wrote: > lejeczek wrote: > > hi users, > > > > as one follows official docs and issues a certificate for a > > service/host, one wonders what is the correct way to move such a > > certificate to a host(which is

[Freeipa-users] service cert to a host/member/service

2016-05-04 Thread lejeczek
hi users, as one follows official docs and issues a certificate for a service/host, one wonders what is the correct way to move such a certificate to a host(which is domain member) ? I understand certificates issued with: $ ipa cert-request -add --principal are stored in ldap backend, (yet I

[Freeipa-users] does ptr records an admin have to take care of manually?

2016-04-27 Thread lejeczek
hi, regular server install with --setup-dns then clients to follow, but I see there: Missing reverse record(s) for address(es): does that mean that by default server install process does not include reverse zones? These need to be set up manually/independently ? many thanks

Re: [Freeipa-users] certutil - how to delete an orphan key..

2016-04-09 Thread lejeczek
On 09/04/16 01:18, Fraser Tweedale wrote: On Fri, Apr 08, 2016 at 03:39:49PM -0400, Rob Crittenden wrote: Pawel Eljasz wrote: .. would anybody know? I realize this might be not the ideal place for such a question, sorry. thanks L I don't know that there is a way using a tool to delete a ke

[Freeipa-users] nsswitch skipped by ipa-server-install ..

2016-04-08 Thread lejeczek
... which I suppose should have not happened? hi everybody, installation went fine, migration too, no errors reported by either process and I wonder - how come? bw. L.

[Freeipa-users] would you use IPA's web server for some...

2016-04-06 Thread lejeczek
... other things? I'm not thinking here about anything heavy, rather lightweight bits... a blog, a calendar... What are best practices? Is it ok to use VirtualHost, IPA won't mind? Is there a way to migrate from mod_ssl based to IPA's nss and use IPA's cert suite? many thanks, L.

[Freeipa-users] control (auth) over part(s) of a forest/domain

2016-03-31 Thread lejeczek
hi everybody I'm still new to this complex concept of cross-trust & domains, I wonder... Would having own OU inside a win domain be any good in terms of controlling/allowing access to IPA boxes? Or... probably best would be if I put it this way - if you want to plug yourself in, with your IPA

[Freeipa-users] rollback a migration?

2016-03-29 Thread lejeczek
hi everybody looking at docs/mans - I don't suppose there in ipa user tool set is a clean way/mechanism to roll back "migrate-ds" ? many thanks L.

Re: [Freeipa-users] can migrate-ds be safely re-run if it failed...

2016-03-29 Thread lejeczek
On 15/03/16 14:36, Alexander Bokovoy wrote: On Tue, 15 Mar 2016, lejeczek wrote: On 15/03/16 13:42, Rob Crittenden wrote: lejeczek wrote: On 14/03/16 17:06, Rob Crittenden wrote: lejeczek wrote: with... ipa: ERROR: group LDAP search did not return any result (search base: ou=groups,dc

Re: [Freeipa-users] can migrate-ds be safely re-run if it failed...

2016-03-21 Thread lejeczek
On 15/03/16 17:21, Rob Crittenden wrote: lejeczek wrote: On 15/03/16 15:57, Rob Crittenden wrote: lejeczek wrote: On 15/03/16 13:42, Rob Crittenden wrote: lejeczek wrote: On 14/03/16 17:06, Rob Crittenden wrote: lejeczek wrote: with... ipa: ERROR: group LDAP search did not return any

Re: [Freeipa-users] can migrate-ds be safely re-run if it failed...

2016-03-19 Thread lejeczek
On 15/03/16 17:22, Rob Crittenden wrote: lejeczek wrote: On 15/03/16 14:14, lejeczek wrote: On 15/03/16 13:42, Rob Crittenden wrote: lejeczek wrote: On 14/03/16 17:06, Rob Crittenden wrote: lejeczek wrote: with... ipa: ERROR: group LDAP search did not return any result (search base: ou

Re: [Freeipa-users] can migrate-ds be safely re-run if it failed...

2016-03-15 Thread lejeczek
On 15/03/16 14:14, lejeczek wrote: On 15/03/16 13:42, Rob Crittenden wrote: lejeczek wrote: On 14/03/16 17:06, Rob Crittenden wrote: lejeczek wrote: with... ipa: ERROR: group LDAP search did not return any result (search base: ou=groups,dc=ccnr,dc=biotechnology, objectclass

Re: [Freeipa-users] can migrate-ds be safely re-run if it failed...

2016-03-15 Thread lejeczek
On 15/03/16 15:57, Rob Crittenden wrote: lejeczek wrote: On 15/03/16 13:42, Rob Crittenden wrote: lejeczek wrote: On 14/03/16 17:06, Rob Crittenden wrote: lejeczek wrote: with... ipa: ERROR: group LDAP search did not return any result (search base: ou=groups,dc=ccnr,dc=biotechnology

Re: [Freeipa-users] can migrate-ds be safely re-run if it failed...

2016-03-15 Thread lejeczek
On 15/03/16 13:42, Rob Crittenden wrote: lejeczek wrote: On 14/03/16 17:06, Rob Crittenden wrote: lejeczek wrote: with... ipa: ERROR: group LDAP search did not return any result (search base: ou=groups,dc=ccnr,dc=biotechnology, objectclass: groupofuniquenames, groupofnames) I see users went

Re: [Freeipa-users] can migrate-ds be safely re-run if it failed...

2016-03-15 Thread lejeczek
On 15/03/16 13:42, Rob Crittenden wrote: lejeczek wrote: On 14/03/16 17:06, Rob Crittenden wrote: lejeczek wrote: with... ipa: ERROR: group LDAP search did not return any result (search base: ou=groups,dc=ccnr,dc=biotechnology, objectclass: groupofuniquenames, groupofnames) I see users went

Re: [Freeipa-users] can migrate-ds be safely re-run if it failed...

2016-03-15 Thread lejeczek
On 14/03/16 17:06, Rob Crittenden wrote: lejeczek wrote: with... ipa: ERROR: group LDAP search did not return any result (search base: ou=groups,dc=ccnr,dc=biotechnology, objectclass: groupofuniquenames, groupofnames) I see users went in but later I realized that current samba's ou was &

[Freeipa-users] can migrate-ds be safely re-run if it failed...

2016-03-14 Thread lejeczek
with... ipa: ERROR: group LDAP search did not return any result (search base: ou=groups,dc=ccnr,dc=biotechnology, objectclass: groupofuniquenames, groupofnames) I see users went in but later I realized that current samba's ou was "group" not groups. Can I just re-run migrations? many thank

Re: [Freeipa-users] krb5_server in sssd.conf after ipa-server-install

2016-03-14 Thread lejeczek
On 14/03/16 12:21, Alexander Bokovoy wrote: On Mon, 14 Mar 2016, Jan Pazdziora wrote: On Sun, Mar 13, 2016 at 03:34:27PM +0200, Alexander Bokovoy wrote: On Sun, 13 Mar 2016, lejeczek wrote: >IPA install process configured in sssd.conf: >[domain/new.Domain] >cache_credentia

[Freeipa-users] is error: sss_ssh_authorizedkeys returned status 1 ...

2016-03-14 Thread lejeczek
... expected when a non-member ssh connect to a domain member? hi everybody. or I missed something, I probably have, right? I see these in the logs and just after a successful ssh: sshd[17245]: Accepted publickey for root from. do I need to add non-member keys to IPA? Is this normal practic

Re: [Freeipa-users] krb5_server in sssd.conf after ipa-server-install

2016-03-13 Thread lejeczek
On 13/03/16 13:34, Alexander Bokovoy wrote: On Sun, 13 Mar 2016, lejeczek wrote: IPA install process configured in sssd.conf: [domain/new.Domain] cache_credentials = True krb5_store_password_if_offline = True ipa_domain = newDomain id_provider = ipa ... ... [domain/default] # < this is l

Re: [Freeipa-users] krb5_server in sssd.conf after ipa-server-install

2016-03-13 Thread lejeczek
install process put it into default domain which it did not include later in sssd section. thanks On 13/03/16 11:05, Alexander Bokovoy wrote: On Sun, 13 Mar 2016, lejeczek wrote: hi everybody I've newly installed IPA and install process configured krb5_server, put it in already existing

[Freeipa-users] krb5_server in sssd.conf after ipa-server-install

2016-03-13 Thread lejeczek
hi everybody I've newly installed IPA and install process configured krb5_server, put it in already existing domain which was ldap backend. But that domain (default) is not included in [sssd] domains, install process it, and I wonder what's the impact of it and what's the meaning of krb5_serv

Re: [Freeipa-users] installation of ipa-server successful but sssd fails..

2016-02-25 Thread lejeczek
On 25/02/16 12:29, Sumit Bose wrote: On Thu, Feb 25, 2016 at 11:58:04AM +, lejeczek wrote: On 25/02/16 09:32, Sumit Bose wrote: On Thu, Feb 25, 2016 at 09:21:06AM +, lejeczek wrote: On 25/02/16 08:21, Sumit Bose wrote: On Wed, Feb 24, 2016 at 05:20:30PM +, lejeczek wrote: On 24

Re: [Freeipa-users] installation of ipa-server successful but sssd fails..

2016-02-25 Thread lejeczek
On 25/02/16 09:32, Sumit Bose wrote: On Thu, Feb 25, 2016 at 09:21:06AM +, lejeczek wrote: On 25/02/16 08:21, Sumit Bose wrote: On Wed, Feb 24, 2016 at 05:20:30PM +, lejeczek wrote: On 24/02/16 14:22, Sumit Bose wrote: On Wed, Feb 24, 2016 at 12:45:55PM +, lejeczek wrote: On 24

Re: [Freeipa-users] installation of ipa-server successful but sssd fails..

2016-02-25 Thread lejeczek
On 25/02/16 08:21, Sumit Bose wrote: On Wed, Feb 24, 2016 at 05:20:30PM +, lejeczek wrote: On 24/02/16 14:22, Sumit Bose wrote: On Wed, Feb 24, 2016 at 12:45:55PM +, lejeczek wrote: On 24/02/16 11:26, Sumit Bose wrote: On Wed, Feb 24, 2016 at 11:21:13AM +, lejeczek wrote: he

Re: [Freeipa-users] installation of ipa-server successful but sssd fails..

2016-02-24 Thread lejeczek
On 24/02/16 17:20, lejeczek wrote: On 24/02/16 14:22, Sumit Bose wrote: On Wed, Feb 24, 2016 at 12:45:55PM +, lejeczek wrote: On 24/02/16 11:26, Sumit Bose wrote: On Wed, Feb 24, 2016 at 11:21:13AM +, lejeczek wrote: he everybody, my first tampering with install gets me: Feb 24 11

Re: [Freeipa-users] installation of ipa-server successful but sssd fails..

2016-02-24 Thread lejeczek
On 24/02/16 14:22, Sumit Bose wrote: On Wed, Feb 24, 2016 at 12:45:55PM +, lejeczek wrote: On 24/02/16 11:26, Sumit Bose wrote: On Wed, Feb 24, 2016 at 11:21:13AM +, lejeczek wrote: he everybody, my first tampering with install gets me: Feb 24 11:04:22 my.host.fake sssd[be[host.fake

Re: [Freeipa-users] installation of ipa-server successful but sssd fails..

2016-02-24 Thread lejeczek
On 24/02/16 11:26, Sumit Bose wrote: On Wed, Feb 24, 2016 at 11:21:13AM +, lejeczek wrote: he everybody, my first tampering with install gets me: Feb 24 11:04:22 my.host.fake sssd[be[host.fake]][17425]: Starting up Feb 24 11:04:22 my.host.fake sssd[be[host.fake]][17425]: Failed to read

[Freeipa-users] installation of ipa-server successful but sssd fails..

2016-02-24 Thread lejeczek
he everybody, my first tampering with install gets me: Feb 24 11:04:22 my.host.fake sssd[be[host.fake]][17425]: Starting up Feb 24 11:04:22 my.host.fake sssd[be[host.fake]][17425]: Failed to read keytab [default]: Bad address Feb 24 11:04:22 my.host.fake sssd[17406]: Exiting the SSSD. Could no

Re: [Freeipa-users] server installation but client part fails

2016-02-23 Thread lejeczek
On 23/02/16 15:04, Rob Crittenden wrote: lejeczek wrote: hi everybody I'm trying server installation but it fails, I think very last leg, and I was hoping you could suggest places which I should start looking at. [7/7]: configuring ipa-dnskeysyncd to start on boot Done configuring DN

[Freeipa-users] server installation but client part fails

2016-02-23 Thread lejeczek
hi everybody I'm trying server installation but it fails, I think very last leg, and I was hoping you could suggest places which I should start looking at. [7/7]: configuring ipa-dnskeysyncd to start on boot Done configuring DNS key synchronization service (ipa-dnskeysyncd). Restarting ip

Re: [Freeipa-users] ipa-server-install fails at last leg?

2015-10-14 Thread lejeczek
On 14/10/15 07:56, Martin Kosek wrote: On 10/13/2015 12:23 PM, lejeczek wrote: dear all, my first try at ipa server, I get this when install fails: Hi lejeczek, Can you please start with specifying your IPA version? http://www.freeipa.org/page/Troubleshooting#Reporting_bugs it's

[Freeipa-users] ipa-server-install fails at last leg?

2015-10-13 Thread lejeczek
dear all, my first try at ipa server, I get this when install fails: [15/16]: restarting httpd [error] CalledProcessError: Command ''/bin/systemctl' 'restart' 'httpd.service'' returned non-zero exit status 1 Unexpected error - see /var/log/ipaserver-install.log for details: CalledProcessEr
