On 11/04/2012 01:25 PM, Steven Jones wrote:
Hi,
Yes you can winsync and passsync RHEL6.3 IPA from win2k3 r2 + AD, it should be
in your RH supported channel tree?
The passsync.msi has to go on each AD box
Each Domain Controller.
Also note that you asked if Can I be able to synchronize the
On 11/04/2012 02:23 PM, William Muriithi wrote:
Hi all,
I am in the process of deploying freeIPA 2.2 to authenticate Linux
systems and have been able to setup everything nicely with separate
domain. I mean users are currently using separate password to access
Linux system and another set of
Also note that you asked if Can I be able to synchronize the current AD
user credentials with
FreeIPA 2.2 or do I have to upgrade to FreeIPA 3.0
You cannot synchronize already existing passwords with IPA 2.x. You
would have to force AD users to change their passwords in order to get
the clear
Megginson rmegg...@redhat.com
To: Steven Jones steven.jo...@vuw.ac.nz
Cc: freeipa-users@redhat.com freeipa-users@redhat.com
Subject: Re: [Freeipa-users] FreeIPA v 2.2 in an AD environment
Message-ID: 5097d88e.1020...@redhat.com
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
On 11/04
nice (and nice its in 6.4)
:)
I need to read up on trusts.
However from limited experience in an AD forests with trusts they get very
complex and the security can go bye bye. Ive seen pen tests that come in from
a trusted domain, using an account with too many privaledges a bad password in
Rich,
In addition to other comments I want to step back and give a bit of a
bigger picture.
1) Regardless of what approach you choose we recommend using the latest
available version at the moment of deployment.
Good suggestion. This mean I should use version 3. Problem that would
have to
From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on
behalf of William Muriithi [william.murii...@gmail.com]
Sent: Tuesday, 6 November 2012 7:13 a.m.
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] FreeIPA v 2.2 in an AD environment
corner case?
as in not very standard?
In which case, yes I suppose so. AD is a very complex thing and you can
customise it it seems. As a Linux person wandering into such a thing as a
non-standard AD and not knowing this its a bit of a minefield.but of course
you dont know you are in
Steven Jones wrote:
Also note that you asked if Can I be able to synchronize the current AD
user credentials with
FreeIPA 2.2 or do I have to upgrade to FreeIPA 3.0
You cannot synchronize already existing passwords with IPA 2.x. You
would have to force AD users to change their passwords in
On 11/05/2012 01:40 PM, William Muriithi wrote:
Rich,
In addition to other comments I want to step back and give a bit of a
bigger picture.
1) Regardless of what approach you choose we recommend using the latest
available version at the moment of deployment.
Good suggestion. This mean I
On 11/05/2012 02:01 PM, Steven Jones wrote:
corner case?
as in not very standard?
In which case, yes I suppose so. AD is a very complex thing and you can
customise it it seems. As a Linux person wandering into such a thing as a
non-standard AD and not knowing this its a bit of a
On 11/05/2012 01:34 PM, Steven Jones wrote:
nice (and nice its in 6.4)
:)
I need to read up on trusts.
However from limited experience in an AD forests with trusts they get very
complex and the security can go bye bye. Ive seen pen tests that come in
from a trusted domain, using an
: Tuesday, 6 November 2012 12:55 p.m.
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] FreeIPA v 2.2 in an AD environment
On 11/05/2012 02:01 PM, Steven Jones wrote:
corner case?
as in not very standard?
In which case, yes I suppose so. AD is a very complex thing and you can
customise
Hi,
Yes you can winsync and passsync RHEL6.3 IPA from win2k3 r2 + AD, it should be
in your RH supported channel tree?
The passsync.msi has to go on each AD box and is a MSI supplied by RH, I think
that's also in the RH support channel but for some strange reason I think it
might be in the
14 matches
Mail list logo