David Copperfield wrote:
Hi Rich and all,
For the latest IPA version 2.1.3-9 on red hat 6.2, the CA RUV records
clearance seems a must. Before clearance the annoying messages are
filling /var/log/dirsrv/slapd-PKI-IPA/errors on master file, while after
clearance the entries are gone.
Rich Megginson wrote:
On 05/17/2012 03:13 PM, Iliyan Stoyanov wrote:
Hello,
I'm running latest (as of today) F17 with FreeIPA v.2.2.0. After
running ipa-server-install everything runs alright and IPA is running
fine. 389, kerberos and the rest of the components start up fine.
However after
Hi,
On Wed, May 2, 2012 at 11:13 PM, Rob Crittenden rcrit...@redhat.com wrote:
Rich Megginson wrote:
On 05/02/2012 07:36 PM, Ian Levesque wrote:
On May 2, 2012, at 6:48 PM, Rich Megginson wrote:
Is there any way to expose the nsDS5ReplicationAgreement objectClass
to a less privileged
On 05/18/2012 08:13 AM, Dan Scott wrote:
Hi,
On Wed, May 2, 2012 at 11:13 PM, Rob Crittendenrcrit...@redhat.com wrote:
Rich Megginson wrote:
On 05/02/2012 07:36 PM, Ian Levesque wrote:
On May 2, 2012, at 6:48 PM, Rich Megginson wrote:
Is there any way to expose the
On 05/17/2012 04:10 PM, Kline, Sara wrote:
I was able to fix the import issue, and found some special SSL things
for Server 2008 when you are wanting to run LDAP/SSL. So Pass Sync is
no longer stating SSL is may not be setup correctly.
I am running into an issue however. These are the
Yes, after installing PassSync I rebooted, and I have not changed any passwords
in AD. The bind dn I am using is the one that the documentation says to use
which was:
uid=passsync,cn=systemaccounts,cn=etc,dc=prod,dc=example,dc=com. If I do an ipa
user-find on this, it comes back empty but I am
On 05/18/2012 09:11 AM, Kline, Sara wrote:
Yes, after installing PassSync I rebooted, and I have not changed any
passwords in AD.
If you have not changed any passwords in AD, then the log is correctly
reporting No entries yet
The bind dn I am using is the one that the documentation says
On Wed, 2012-05-16 at 15:08 -0700, Thomas Jackson wrote:
On Tue, May 15, 2012 at 3:24 PM, Simo Sorce s...@redhat.com wrote:
On Tue, 2012-05-15 at 14:21 -0700, Thomas Jackson wrote:
So going through the documentation it's clearly laid out not
to use
kadmin
On Fri, 2012-05-18 at 09:16 -0600, Rich Megginson wrote:
ldapsearch -xLLL -D cn=directory manager -W -b dc=example,dc=com
uid=passsync
This should be:
ldapsearch -xLLL -D cn=directory manager -W -b dc=prod,dc=exampled.dc=com
uid=passync
You also want to check that this user is properly set
Ldapsearch revealed the issue. The documentation in the Integrating AD section
says that passsync is in the systemaccounts cn. Ldapsearch revealed it is
actually sysaccounts cn. It is successfully binding now. I created a test user,
then I logged in as him and changed his password, it took a
On 05/18/2012 09:56 AM, Kline, Sara wrote:
Ldapsearch revealed the issue. The documentation in the Integrating AD
section says that passsync is in the systemaccounts cn. Ldapsearch
revealed it is actually sysaccounts cn. It is successfully binding
now. I created a test user, then I logged in
Good to know, thank you so much for your help. Everything is up and running now!
Thanks,
Sara Kline
From: Rich Megginson [mailto:rmegg...@redhat.com]
Sent: Friday, May 18, 2012 9:04 AM
To: Kline, Sara
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] Problems with Passsync
On 05/18/2012
On Fri, May 18, 2012 at 10:29 AM, Rich Megginson rmegg...@redhat.com wrote:
On 05/18/2012 08:13 AM, Dan Scott wrote:
Hi,
On Wed, May 2, 2012 at 11:13 PM, Rob Crittendenrcrit...@redhat.com
wrote:
Rich Megginson wrote:
On 05/02/2012 07:36 PM, Ian Levesque wrote:
On May 2, 2012, at 6:48
On Fri, May 18, 2012 at 12:21 PM, Rich Megginson rmegg...@redhat.com wrote:
On 05/18/2012 10:06 AM, Dan Scott wrote:
On Fri, May 18, 2012 at 10:29 AM, Rich Megginsonrmegg...@redhat.com
wrote:
On 05/18/2012 08:13 AM, Dan Scott wrote:
Hi,
On Wed, May 2, 2012 at 11:13 PM, Rob
On 05/18/2012 10:31 AM, Dan Scott wrote:
On Fri, May 18, 2012 at 12:21 PM, Rich Megginsonrmegg...@redhat.com wrote:
On 05/18/2012 10:06 AM, Dan Scott wrote:
On Fri, May 18, 2012 at 10:29 AM, Rich Megginsonrmegg...@redhat.com
wrote:
On 05/18/2012 08:13 AM, Dan Scott wrote:
Hi,
On Wed, May
Hi,
i solved the problem by downgrading the 389-ds-base from the one that comes
with F17 - 1.2.11.3-1 to the one that comes with F16. I essentially did a
rpmbuild --rebuild of the 1.2.10.8-1 srpm. Right now everything seems fine. It
seems freeipa doesn't work ok with the 1.2.11 tree of 389-ds.
iliyan ilf Stoyanov wrote:
Hi,
i solved the problem by downgrading the 389-ds-base from the one that
comes with F17 - 1.2.11.3-1 to the one that comes with F16. I
essentially did a rpmbuild --rebuild of the 1.2.10.8-1 srpm. Right now
everything seems fine. It seems freeipa doesn't work ok with
On 05/18/2012 11:46 AM, Dan Scott wrote:
On Fri, May 18, 2012 at 12:38 PM, Rich Megginsonrmegg...@redhat.com wrote:
On 05/18/2012 10:31 AM, Dan Scott wrote:
On Fri, May 18, 2012 at 12:21 PM, Rich Megginsonrmegg...@redhat.com
wrote:
On 05/18/2012 10:06 AM, Dan Scott wrote:
On Fri, May 18,
On Fri, May 18, 2012 at 1:52 PM, Rich Megginson rmegg...@redhat.com wrote:
On 05/18/2012 11:46 AM, Dan Scott wrote:
On Fri, May 18, 2012 at 12:38 PM, Rich Megginsonrmegg...@redhat.com
wrote:
On 05/18/2012 10:31 AM, Dan Scott wrote:
On Fri, May 18, 2012 at 12:21 PM, Rich
Hi,
unfortunately I didn't know that beforehand. Probably it will be good if this
is mentioned somewhere on the FreeIPA install pages up on the website.
Br,
--ilf
On Fri May 18 2012 08:24:35 PM EEST, Rob Crittenden rcrit...@redhat.com wrote:
iliyan ilf Stoyanov wrote:
Hi,
i solved the
On 05/18/2012 12:05 PM, Dan Scott wrote:
On Fri, May 18, 2012 at 1:52 PM, Rich Megginsonrmegg...@redhat.com wrote:
On 05/18/2012 11:46 AM, Dan Scott wrote:
On Fri, May 18, 2012 at 12:38 PM, Rich Megginsonrmegg...@redhat.com
wrote:
On 05/18/2012 10:31 AM, Dan Scott wrote:
On Fri, May 18,
Hey All,
Ever since upgrading to Fedora 16 I've noticed that ipa-server causes reboot /
shutdown to hang indefinitely (I've only actually waited ~30 minutes). If I
run service ipa stop before rebooting, there is no hang.
I've searched bugzilla a bit and couldn't see any reports of this - is
Adamson, Dros wrote:
Hey All,
Ever since upgrading to Fedora 16 I've noticed that ipa-server causes reboot / shutdown
to hang indefinitely (I've only actually waited ~30 minutes). If I run service ipa
stop before rebooting, there is no hang.
I've searched bugzilla a bit and couldn't see any
Hi all,
Is there any Web interfaces for IPA users to reset their expired password over
web? Currently we let test users to ssh/login to a particular Linux server, and
sssd will let the users to authenticate with their old expired password and
then reset to newer password.
the IPA web UI
Hi all,
Just like to clarify my confusion: Are the HBAC (Host Based Access Control)
rules immediately in effect after IPA client software configurations through
sssd? Do we have any options inside sssd.conf to enable/disable the HBAC rules
per machine (inside IPA domain)? I have this question
Hi all,
Are the sudo rules applied to IPA clients through nss_ldap, instead of sssd?
I tried that on Redhat 6.2 clients, and some documents said that sudo rules
would work when enabled inside /etc/nslcd.conf, but we need to hack the script
/etc/init.d/nslcd.conf a little bit -- basically to
On Fri, May 18, 2012 at 2:35 PM, Gelen James hahaha_...@yahoo.com wrote:
Hi all,
Are the sudo rules applied to IPA clients through nss_ldap, instead of
sssd?
I tried that on Redhat 6.2 clients, and some documents said that sudo rules
would work when enabled inside /etc/nslcd.conf, but we
Hi Stephen,
That's very helpful. Thanks a lot.
--Gelen
From: Stephen Ingram sbing...@gmail.com
To: Gelen James hahaha_...@yahoo.com
Cc: freeipa-users@redhat.com freeipa-users@redhat.com; Rob Crittenden
rcrit...@redhat.com; Rich Megginson rmegg...@redhat.com
Hi all,
I've the following messages logged on my IPA master server's
/var/log/dirsvr/slapd-EXAMPLE.COM/errors log file:
[17/May/2012:04:02:42 -0700] _entry_set_tombstone_rdn - Failed to convert DN
cn=CA to RDN
[17/May/2012:04:02:42 -0700] id2entry - str2entry returned NULL for id 128,
On 05/18/2012 07:38 PM, David Copperfield wrote:
Hi all,
I've the following messages logged on my IPA master server's
/var/log/dirsvr/slapd-EXAMPLE.COM/errors log file:
[17/May/2012:04:02:42 -0700] _entry_set_tombstone_rdn - Failed to
convert DN cn=CA to RDN
[17/May/2012:04:02:42 -0700]
30 matches
Mail list logo