Am 03.12.2014 um 14:53 schrieb Alexander Bokovoy:
On Wed, 03 Dec 2014, Andreas Ladanyi wrote:
Hi,
iam trying to setup a cross-realm relationship.
Generated krbtgt cross-realm principals on both KDCs with the same
password and kvno:
krbtgt/REALM_B (MIT Kerberos)@REALM_A (FreeIPA 3.3.5)
On Sat, Nov 22, 2014 at 02:05:19PM -0800, Michael Lasevich wrote:
I got some extra log output: seems that FAST IS being used. I am running
SSSD 1.11.6, which is supposed to have above mentioned issues fixed:
Log:
=
(Sat Nov 22 14:55:43 2014) [[sssd[krb5_child[2451
On Thu, 04 Dec 2014, Andreas Ladanyi wrote:
Am 03.12.2014 um 14:53 schrieb Alexander Bokovoy:
On Wed, 03 Dec 2014, Andreas Ladanyi wrote:
Hi,
iam trying to setup a cross-realm relationship.
Generated krbtgt cross-realm principals on both KDCs with the same
password and kvno:
krbtgt/REALM_B
On 4.12.2014 12:07, Alexander Bokovoy wrote:
On Thu, 04 Dec 2014, Andreas Ladanyi wrote:
Am 03.12.2014 um 14:53 schrieb Alexander Bokovoy:
On Wed, 03 Dec 2014, Andreas Ladanyi wrote:
Hi,
iam trying to setup a cross-realm relationship.
Generated krbtgt cross-realm principals on both KDCs
On Thu, 04 Dec 2014, Petr Spacek wrote:
And /var/log/krb5kdc.log on master.f21.test (KDC for F21.TEST) I can
see:
Dec 04 12:41:52 master.f21.test krb5kdc[1131](info): bad realm transit path
from 'ad...@ipa5.test' to 'host/master.f21.t...@f21.test' via ''
Dec 04 12:41:52 master.f21.test
On 12/04/2014 08:39 AM, Rich Megginson wrote:
On 12/04/2014 01:45 AM, Petr Spacek wrote:
On 4.12.2014 05:02, Janelle wrote:
Thanks -- still a bit strange that it did not show up on some
servers - vary
random and intermittent.
BTW - a bit of information others might find useful. If you try
On 12/04/2014 01:45 AM, Petr Spacek wrote:
On 4.12.2014 05:02, Janelle wrote:
Thanks -- still a bit strange that it did not show up on some servers - vary
random and intermittent.
BTW - a bit of information others might find useful. If you try to use the
LDAP portion of IPA for authentication
Dmitri Pal wrote:
On 12/04/2014 09:41 AM, Rich Megginson wrote:
On 12/04/2014 08:39 AM, Rich Megginson wrote:
On 12/04/2014 01:45 AM, Petr Spacek wrote:
On 4.12.2014 05:02, Janelle wrote:
Thanks -- still a bit strange that it did not show up on some
servers - vary
random and intermittent.
Hi all,
just (pam)auth and nslcd
It was ported from a running OpenLDAP environment to IPA. Just trying
to do conversions in stages so as not to change too much all at once.
Thought I could go from OpenLDAP to IPA and just use the backend of
389ds. Functionally it does work, but the load
On Thu, 4 Dec 2014 13:22:01 +0200
Alexander Bokovoy aboko...@redhat.com wrote:
On Thu, 04 Dec 2014, Petr Spacek wrote:
And /var/log/krb5kdc.log on master.f21.test (KDC for F21.TEST) I
can see:
Dec 04 12:41:52 master.f21.test krb5kdc[1131](info): bad realm
transit path from
On 4.12.2014 16:58, Simo Sorce wrote:
On Thu, 4 Dec 2014 13:22:01 +0200
Alexander Bokovoy aboko...@redhat.com wrote:
On Thu, 04 Dec 2014, Petr Spacek wrote:
And /var/log/krb5kdc.log on master.f21.test (KDC for F21.TEST) I
can see:
Dec 04 12:41:52 master.f21.test krb5kdc[1131](info): bad
On Thu, 04 Dec 2014, Petr Spacek wrote:
On 4.12.2014 16:58, Simo Sorce wrote:
On Thu, 4 Dec 2014 13:22:01 +0200
Alexander Bokovoy aboko...@redhat.com wrote:
On Thu, 04 Dec 2014, Petr Spacek wrote:
And /var/log/krb5kdc.log on master.f21.test (KDC for F21.TEST) I
can see:
Dec 04 12:41:52
On 12/04/2014 09:56 AM, Janelle wrote:
Hi all,
just (pam)auth and nslcd
It was ported from a running OpenLDAP environment to IPA. Just trying
to do conversions in stages so as not to change too much all at once.
Thought I could go from OpenLDAP to IPA and just use the backend of
389ds.
On Thu, 04 Dec 2014, Janelle wrote:
Hi all,
just (pam)auth and nslcd
It was ported from a running OpenLDAP environment to IPA. Just trying
to do conversions in stages so as not to change too much all at once.
Thought I could go from OpenLDAP to IPA and just use the backend of
389ds.
On 12/4/14 8:30 AM, Alexander Bokovoy wrote:
On Thu, 04 Dec 2014, Janelle wrote:
Hi all,
just (pam)auth and nslcd
It was ported from a running OpenLDAP environment to IPA. Just
trying to do conversions in stages so as not to change too much all
at once. Thought I could go from OpenLDAP to
On 12/04/2014 04:56 PM, Janelle wrote:
Hi all,
just (pam)auth and nslcd
It was ported from a running OpenLDAP environment to IPA. Just trying
to do conversions in stages so as not to change too much all at once.
Thought I could go from OpenLDAP to IPA and just use the backend of
389ds.
On 4.12.2014 17:27, Alexander Bokovoy wrote:
On Thu, 04 Dec 2014, Petr Spacek wrote:
On 4.12.2014 16:58, Simo Sorce wrote:
On Thu, 4 Dec 2014 13:22:01 +0200
Alexander Bokovoy aboko...@redhat.com wrote:
On Thu, 04 Dec 2014, Petr Spacek wrote:
And /var/log/krb5kdc.log on master.f21.test (KDC
To help understand the environment a bit - perhaps this will help.
1. Approx 7500 clients across 3 datacenters- all manor of *nix, ranging
from AIX, Linux, HP-UX and Solaris - hence the reason why they all
can't use ipa-client configs. Although that is in the plan at least
for Linux
On 12/04/2014 11:01 AM, Janelle wrote:
To help understand the environment a bit - perhaps this will help.
1. Approx 7500 clients across 3 datacenters- all manor of *nix,
ranging from AIX, Linux, HP-UX and Solaris - hence the reason why
they all can't use ipa-client configs. Although
Hi,
I have a IDM (v3.3) installed on a Redhat7.
I have a IDM realm connected to an AD via trust relationship.
In the IDM realm there are Redhat6 and Redhat5 clients.
My client ask to be able to connect to the Linux machine with their AD without
entering their domain (just username). On Redhat
I answer to myself. (but my problem is not resolved)
- Mail original -
De: Nicolas Zin nicolas@savoirfairelinux.com
À: freeipa-users@redhat.com
Envoyé: Jeudi 4 Décembre 2014 18:49:36
Objet: [Freeipa-users] ad trust and default_domain_suffix
Hi,
I have a IDM (v3.3) installed
21 matches
Mail list logo