[Freeipa-users] Trouble verifying domain trust IPA 3.0, AD 2012

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Morning all I have setup the domain trust set up and have errors when trying to map groups from AD to IPA Environment is IPA 3.0 on RHEL 6.4 and Windows 2012 When adding groups, I get the following. [root@ds01 ~]# ipa group-add --desc='Active

Re: [Freeipa-users] Trouble verifying domain trust IPA 3.0, AD 2012

On Fri, Mar 15, 2013 at 09:38:04AM +, Dale Macartney wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Morning all I have setup the domain trust set up and have errors when trying to map groups from AD to IPA Environment is IPA 3.0 on RHEL 6.4 and Windows 2012 When adding

Re: [Freeipa-users] Trouble verifying domain trust IPA 3.0, AD 2012

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 03/15/2013 09:52 AM, Sumit Bose wrote: On Fri, Mar 15, 2013 at 09:38:04AM +, Dale Macartney wrote: Morning all I have setup the domain trust set up and have errors when trying to map groups from AD to IPA Environment is IPA 3.0 on

Re: [Freeipa-users] Trouble verifying domain trust IPA 3.0, AD 2012

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 03/15/2013 10:03 AM, Dale Macartney wrote: On 03/15/2013 09:52 AM, Sumit Bose wrote: On Fri, Mar 15, 2013 at 09:38:04AM +, Dale Macartney wrote: Morning all I have setup the domain trust set up and have errors when trying to map

Re: [Freeipa-users] Trouble verifying domain trust IPA 3.0, AD 2012

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 03/15/2013 10:06 AM, Dale Macartney wrote: On 03/15/2013 10:03 AM, Dale Macartney wrote: On 03/15/2013 09:52 AM, Sumit Bose wrote: On Fri, Mar 15, 2013 at 09:38:04AM +, Dale Macartney wrote: Morning all I have setup the

Re: [Freeipa-users] Allow IPA Join and remove only

John Moyer wrote: Question: I am trying to reduce the rights to an account so that it can only add and remove machines from the IPA server. It will be used for scripts to run as this user to bind machines that are stood up adhoc to the IPA server, and then clean them up after they are ready

Re: [Freeipa-users] Solaris Clients

On Mar 14, 2013, at 7:08 AM, Luke Kearney wrote: On Mar 14, 2013, at 6:38 AM, KodaK wrote: On Wed, Mar 13, 2013 at 3:39 PM, Luke Kearney l...@kearney.jp wrote: Hello, I have recently been working on integrating our solaris 10 fleet with FreeIPA. The first 'test' host went relatively

Re: [Freeipa-users] check host password age

On 03/13/2013 05:35 AM, Stijn De Weirdt wrote: i'll get back to the previous part later, wehn i can test it (thanks petr!) i guess the timestamps are somehwere in the ldap schema, i would like to know where or how i can find them. and if possible, how to do that using the ipalib python

Re: [Freeipa-users] Revisiting auditing and avoiding reinvention of round rolling things

On 03/13/2013 11:49 AM, KodaK wrote: Hi all. I know that the A part of IPA has been delayed, but that doesn't mean that the auditing requirement has gone away. Before I write a bunch of stuff for this, I wanted to see if anyone had any thoughts (or code!) regarding how to accomplish some of

Re: [Freeipa-users] Trouble verifying domain trust IPA 3.0, AD 2012

On 03/15/2013 08:59 AM, Dale Macartney wrote: Any ideas what KDC returned error string: HANDLE_AUTHDATA means? Sumit, can it be that the SSSD plugin into the SSH that processes MSPACs is not working properly? -- Thank you, Dmitri Pal Sr. Engineering Manager for IdM portfolio Red Hat Inc.