The FreeIPA team is proud to announce version 2.1.3.
It can be downloaded from http://www.freeipa.org/Downloads
== What happened to 2.1.2!? ==
Right after tagging 2.1.2 we found an upgrade issue that would have
affected any users using the selfsign CA (installed with --selfsign). We
decided t
On 10/16/2011 04:53 PM, Sigbjorn Lie wrote:
> On 10/14/2011 03:14 PM, Jenny Galipeau wrote:
>>
>> - Original Message -
>>> On Thu, 2011-10-13 at 15:44 +0200, Sigbjorn Lie wrote:
Hi,
What is your recommendations for avoiding incompatability with
future upgrades of IPA if
Hi,
Has there been given any thought to the concept of sites within IPA to
improve cross-site implementations? This should be easy to implement as
you are already using DNS SRV records to locate the ldap/kerberos servers.
E.g.
Site: Boston
Site: London
Create a subdomain of the IPA dns doma
On 10/19/2011 03:14 PM, Sigbjorn Lie wrote:
> Hi,
>
> Has there been given any thought to the concept of sites within IPA to
> improve cross-site implementations? This should be easy to implement
> as you are already using DNS SRV records to locate the ldap/kerberos
> servers.
>
> E.g.
> Site: Bost
On Wed, 2011-10-19 at 15:24 -0400, Dmitri Pal wrote:
> On 10/19/2011 03:14 PM, Sigbjorn Lie wrote:
> > Hi,
> >
> > Has there been given any thought to the concept of sites within IPA to
> > improve cross-site implementations? This should be easy to implement
> > as you are already using DNS SRV rec
Hi,
I think AD sort of does this which they have now backed away from?
>From my very limited understanding having sub-domains/realms seems to be
>counter-productivein that trying to do cross-realm trusts/passwords/user
>info becomes a nightmare?
I know somehow I have to get unix.vuw.ac.nz
Hi,
I am having some problems when SSHing into my Fedora 15 client which
is authenticated using FreeIPA
djscott@pc35:~$ ssh admin@pc35
admin@pc35's password:
id: cannot find name for user ID 181260
id: cannot find name for user ID 181260
[I have no name!@pc35 ~]$ logout
Connection to pc35
I see your point with a messy dns infrastructure, however this would happen in
the background.
You would still only have one kerberos realm per IPA instance.
Rgds,
Siggi
On Wed, October 19, 2011 21:30, Steven Jones wrote:
> Hi,
>
>
> I think AD sort of does this which they have now backed a
Ah right, yes, one realm.
However how would you password sync with AD?
So sayLondon.ad.ms.com and Newyork.ad.ms.com
With NY as the "head"
So with london.ipa.unix.com and newyork.ipa.unix.com
Is there still only one winsync agreement?
regards
Steven Jones
Technical Specialist - L
On Wed, October 19, 2011 21:27, Simo Sorce wrote:
> On Wed, 2011-10-19 at 15:24 -0400, Dmitri Pal wrote:
>
>> On 10/19/2011 03:14 PM, Sigbjorn Lie wrote:
>>
>>> Hi,
>>>
>>>
>>> Has there been given any thought to the concept of sites within IPA to
>>> improve cross-site implementations? This shou
The London/newyork dns sub-domains would be used for looking up srv records for
the local
kerberos/ldap servers only. The actual domain configured on the client and the
kerberos and LDAP
base would still be the ipa.domain.com.
Sync with AD would still be done between ipa.domain.com <-> ad.domain
On 10/19/2011 04:05 PM, Dan Scott wrote:
> Hi,
>
> I am having some problems when SSHing into my Fedora 15 client which
> is authenticated using FreeIPA
>
> djscott@pc35:~$ ssh admin@pc35
> admin@pc35's password:
> id: cannot find name for user ID 181260
> id: cannot find name for user ID 18126
Dmitri Pal wrote:
> On 10/19/2011 04:05 PM, Dan Scott wrote:
> > Hi,
> >
> > I am having some problems when SSHing into my Fedora 15 client which
> > is authenticated using FreeIPA
> >
> > djscott@pc35:~$ ssh admin@pc35
> > admin@pc35's password:
> > id: cannot find name for user ID 181260
>
Hi,
On Wed, Oct 19, 2011 at 16:43, Dmitri Pal wrote:
> On 10/19/2011 04:05 PM, Dan Scott wrote:
>
> Hi,
>
> I am having some problems when SSHing into my Fedora 15 client which
> is authenticated using FreeIPA
>
> djscott@pc35:~$ ssh admin@pc35
> admin@pc35's password:
> id: cannot find name for
14 matches
Mail list logo