Hi Alexander,
This doc is really great.
I have added the delegation target but we still get an err=50 on when
running our add_user script on the webserver.
On the IPA server we see a keytab file configured in the php.ini and on the
webserver we don't. Configs are quite the same here actually.
On Tue, 30 Jul 2013, Matt . wrote:
Hi Alexander,
This doc is really great.
I have added the delegation target but we still get an err=50 on when
running our add_user script on the webserver.
On the IPA server we see a keytab file configured in the php.ini and on the
webserver we don't.
On 07/29/2013 03:02 PM, Alexander Bokovoy wrote:
Hi!
On Mon, 29 Jul 2013, Matt . wrote:
Hi Alexander,
That is great!
I hope that someone can find this topic and use it as reference as it
tool
us some time to find the other one :)
You can find my blog post here:
Hi Dimitri,
It's a good tuturial but I'm kinda stuck (and new to that part)
What we seem to need is:
A - B - C - D
A= user(running one) B= Webserver C=IPAserver D= LDAP on IPAserver
I thought we didn't need the C - D part because this is what IPA does. We
actually need the A - B - C part
Hi all,
We have found something out.
When you add a user (like cmdtestuser) to FreeIPA and add it to group:
- admins
- trust admins
- editors
And you add this same useraccount to a Linux box and do a su cmdtestuser
you are able to do a kinit abd give your password that user has in
FreeIPA.
On 07/30/2013 08:17 AM, Matt . wrote:
Hi Dimitri,
It's a good tuturial but I'm kinda stuck (and new to that part)
What we seem to need is:
A - B - C - D
A= user(running one) B= Webserver C=IPAserver D= LDAP on IPAserver
I thought we didn't need the C - D part because this is what IPA
On Tue, 30 Jul 2013, Dmitri Pal wrote:
On 07/30/2013 08:17 AM, Matt . wrote:
Hi Dimitri,
It's a good tuturial but I'm kinda stuck (and new to that part)
What we seem to need is:
A - B - C - D
A= user(running one) B= Webserver C=IPAserver D= LDAP on IPAserver
I thought we didn't need the C -
On 07/30/2013 05:52 PM, Alexander Bokovoy wrote:
On Tue, 30 Jul 2013, Dmitri Pal wrote:
On 07/30/2013 08:17 AM, Matt . wrote:
Hi Dimitri,
It's a good tuturial but I'm kinda stuck (and new to that part)
What we seem to need is:
A - B - C - D
A= user(running one) B= Webserver C=IPAserver
On 07/30/2013 09:11 AM, Matt . wrote:
Hi all,
We have found something out.
When you add a user (like cmdtestuser) to FreeIPA and add it to group:
- admins
- trust admins
- editors
This does not matter really if you just trying to do authentication.
This would matter if you start to
I've been searching and I know it's been answered before but I can't find it.
I have UNIX.DOMAIN.COM as my IPA realm.
I have some hosts that sit on (in dns) domain.com (they are not part
of any other Kerberos realms.)
I'm unable to currently change the domain names on these boxes.
In krb5.conf
Nevermind, AIX problem (surprise, surprise!)
Since it's half-kerberized at this point (the default is system auth,
not kerb/ldap) it failed.
I had to create entries in /etc/security/user for the users I wanted
to test with and explicitly state that I wanted them to log on via
krb5/ldap.
--Jason
Ok, so, yeah -- my first question stands. This works when it falls
back to LDAP, but it does not honor a kerberos ticket. Is there a way
to do that in the same circumstances?
Thanks again,
--Jason
On Tue, Jul 30, 2013 at 2:58 PM, KodaK sako...@gmail.com wrote:
Nevermind, AIX problem
Has anybody tried this?
http://code.google.com/p/pwm/
Would it work is is it advised not to use it, if so reasons please?
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
___
Freeipa-users
On Tue, Jul 30, 2013 at 6:16 PM, Steven Jones steven.jo...@vuw.ac.nz wrote:
Has anybody tried this?
http://code.google.com/p/pwm/
Would it work is is it advised not to use it, if so reasons please?
It's been talked about a bit in this mailing list. I had issues, and I know of
another
14 matches
Mail list logo