That seems to have done the trick.
Many thanks to all who helped. Now to deploy this thing! :D
From: Lukas Slebodnik [lsleb...@redhat.com]
Sent: 15 November 2014 15:17
To: Darren Poulson
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] Group
On 11/17/2014 07:59 AM, Andreas Ladanyi wrote:
Hi,
I set up the 389 LDAP server to support des-cbc-crc enctype.
I created a principal for OpenAFS. OpenAFS need des-cbc-crc:v4
(single-DES). I created the principal with:
kadmin.local -x ipa-setup-override-restrictions
Please don't do this, use
Happy Monday everyone,
I have a strange issue I am seeing with replica creations, but it does
not seem to be consistent. Sometimes, when trying to install the
replica I get errors trying to connect to the master via SSH:
/[root@ipa3 ~]# ipa-replica-install
On Mon, 17 Nov 2014 13:59:44 +0100
Andreas Ladanyi andreas.lada...@kit.edu wrote:
Hi,
I set up the 389 LDAP server to support des-cbc-crc enctype.
I created a principal for OpenAFS. OpenAFS need des-cbc-crc:v4
(single-DES). I created the principal with:
kadmin.local -x
Hello freeipa users
I followed the instructions of this page :
http://www.freeipa.org/page/NIS_accounts_migration_preserving_Passwords
in order to integrate NIS accounts over IPA with preserving passwords.
However, I do not succeed to import user as indicate on documentation :
# ipa user-add
Janelle, this may not be that useful but I found it worthwhile to resort to…
–skip-conncheck
When setting up the replica – pretty much for the same reason.
Craig White
System Administrator
O 623-201-8179 M 602-377-9752
[cid:image001.png@01CF86FE.42D51630]
SkyTouch Technology 4225 E.
On Fri, Nov 14, 2014 at 04:30:17PM +, Darren Poulson wrote:
Ok,
I've shoved them on pastebin. They were a bit big to put in a mailing list
really.
ldap_child.log: http://pastebin.com/qGCZF4vK
sssd_nss.log: http://pastebin.com/gTBA8NEj
sssd_bur.us.genops.log:
I did find that as the work-around - just trying to understand why it
comes up sometimes...
Did you find any issues with the workings of a replica if you had to
resort to this method?
Thanks.
~J
On 11/17/14 10:57 AM, Craig White wrote:
Janelle, this may not be that useful but I found it
Janelle wrote:
I did find that as the work-around - just trying to understand why it
comes up sometimes...
Did you find any issues with the workings of a replica if you had to
resort to this method?
The conncheck is a reaction to a slew of problems people had setting up
replicas and because
Edouard Guigné wrote:
Hello freeipa users
I followed the instructions of this page :
http://www.freeipa.org/page/NIS_accounts_migration_preserving_Passwords
in order to integrate NIS accounts over IPA with preserving passwords.
However, I do not succeed to import user as indicate on
On Mon, Nov 17, 2014 at 05:59:15PM +0100, Jakub Hrozek wrote:
On Fri, Nov 14, 2014 at 04:30:17PM +, Darren Poulson wrote:
Ok,
I've shoved them on pastebin. They were a bit big to put in a mailing list
really.
ldap_child.log: http://pastebin.com/qGCZF4vK
sssd_nss.log:
Hi
I can reach each host here via ssh on multiple domains:
host.mydom.int
host mydom.net
host.mgmt
sss_ssh_knownhostproxy does work only on the domain which I have use to
register to ipa (mgmt), on the other domains I get ever The authenticity
of host 'host.mydom.int (no hostip for proxy
hi,
I have some hosts installed centos4.8/6.5/5.9,and want to centralize
identity/policy/authorization.but ipa client isn't compatible with
centos4.8,so I try to configure FreeIPA integrated with NIS Domains.
IPAserver:centos7 (+DNS)
nisclient:centos4.8
ipaclient:centos6.6
13 matches
Mail list logo