On 05/19/2015 08:58 AM, thierry bordaz wrote:
On 05/19/2015 07:47 AM, Martin Kosek wrote:
On 05/19/2015 03:23 AM, Janelle wrote:
Once again, replication/sync has been lost. I really wish the
product was more
stable, it is so much potential and yet.
Servers running for 6 days no issues. No
On 05/19/2015 07:47 AM, Martin Kosek wrote:
On 05/19/2015 03:23 AM, Janelle wrote:
Once again, replication/sync has been lost. I really wish the product
was more
stable, it is so much potential and yet.
Servers running for 6 days no issues. No new accounts or changes
(maybe a few
users
On 05/19/2015 03:42 AM, Janelle wrote:
On 5/18/15 6:23 PM, Janelle wrote:
Once again, replication/sync has been lost. I really wish the product
was more stable, it is so much potential and yet.
Servers running for 6 days no issues. No new accounts or changes
(maybe a few users changing
On Mon, May 18, 2015 at 12:38:47PM -0400, thewebbie wrote:
I have been attempting to use my 4.1.4 FreeIPA server to authenticate
folders on a web server as a replacement for the normal htaccess feature. I
do require group authentication. I have tried just about online example and
have only
Le 13/05/2015 10:15, Thibaut Pouzet a écrit :
Le 12/05/2015 20:11, Nalin Dahyabhai a écrit :
On Tue, May 12, 2015 at 06:39:13PM +0200, Thibaut Pouzet wrote:
After doing what you recommended, the CSR have changed in the debug log :
Certificate Request:
Data:
Version: 0 (0x0)
Hello!
On 05/19/2015 12:53 PM, Martin Kosek wrote:
On 05/19/2015 04:04 AM, Dewangga Bachrul Alam wrote:
Hello!
I'm trying to reinstall ipa client, but have a problem with old/existing
ca.crt in `/etc/ipa/ca.crt`. Should I remove it manually? Since the IPA
server still on development and
My requirements is to replace dozens of htaccess folders on one server.
Each folder requiring a user group. So Host based will not work in this case
Matthew Feinberg
On May 19, 2015 4:03 AM, Jan Pazdziora jpazdzi...@redhat.com wrote:
On Mon, May 18, 2015 at 12:38:47PM -0400, thewebbie wrote:
Hi, all. I am trying to integrate certmonger with dogtag instance, and so
far i've stumbled on one odd problem. Hopefully this is the right list.
I've generated some random cert with getcert request, it has communicated
with dogtag, and i approved it there.
However, when certmonger retrieves
On 5/19/15 12:04 AM, thierry bordaz wrote:
On 05/19/2015 03:42 AM, Janelle wrote:
On 5/18/15 6:23 PM, Janelle wrote:
Once again, replication/sync has been lost. I really wish the
product was more stable, it is so much potential and yet.
Servers running for 6 days no issues. No new accounts
This is the verbose log, tried to convert them to p12 format (dont know
it's right or not), still no luck.
http://fpaste.org/223608/88775143/raw/
Ref: http://www.redhat.com/archives/freeipa-users/2014-August/msg00338.html
Any additional hints?
On 05/19/2015 08:30 PM, Dewangga Bachrul Alam
On 05/19/2015 03:21 PM, Dewangga Bachrul Alam wrote:
Thank you Martin,
Yes, the IPA Server was built on CentOS 7.1. But, some client still
using CentOS 6.x, but I have plan upgrade them to 7.x.
Is it gave a problem if some client still on CentOS 6.x and the IPA
Server built on CentOS 7.x
Hello!
I was build FreeIPA 4.1.4 on CentOS 7.1, the deployment was done, but
could I changes the HTTP and dirsv certificate? I have wildcard
certificate (thawte SSL CA - G2). It is compatible for FreeIPA (http and
dirsv)?
I've tried to follow the instruction
On 05/19/2015 12:34 PM, marcin kowalski wrote:
Hi, all. I am trying to integrate certmonger with dogtag instance, and so
far i've stumbled on one odd problem. Hopefully this is the right list.
I've generated some random cert with getcert request, it has communicated
with dogtag, and i
Well, thanks Martin for the info :)
On 05/19/2015 08:23 PM, Martin Kosek wrote:
On 05/19/2015 03:21 PM, Dewangga Bachrul Alam wrote:
Thank you Martin,
Yes, the IPA Server was built on CentOS 7.1. But, some client still
using CentOS 6.x, but I have plan upgrade them to 7.x.
Is it gave a
On 5/19/15 1:21 AM, David Kupka wrote:
On 05/19/2015 09:04 AM, thierry bordaz wrote:
On 05/19/2015 03:42 AM, Janelle wrote:
On 5/18/15 6:23 PM, Janelle wrote:
Once again, replication/sync has been lost. I really wish the product
was more stable, it is so much potential and yet.
Servers
Thank you Martin,
Yes, the IPA Server was built on CentOS 7.1. But, some client still
using CentOS 6.x, but I have plan upgrade them to 7.x.
Is it gave a problem if some client still on CentOS 6.x and the IPA
Server built on CentOS 7.x ?
On 05/19/2015 08:14 PM, Martin Kosek wrote:
On
On 5/19/15 12:17 AM, Ludwig Krispenz wrote:
On 05/19/2015 08:58 AM, thierry bordaz wrote:
On 05/19/2015 07:47 AM, Martin Kosek wrote:
On 05/19/2015 03:23 AM, Janelle wrote:
Once again, replication/sync has been lost. I really wish the
product was more
stable, it is so much potential and
Thanks for the tip, I am using whatever is in current fedora, which is 0.76
or similar version. I'll give an updated version a shot.
I had similar results with ubuntu's 0.75.x
2015-05-19 16:30 GMT+02:00 Nalin Dahyabhai na...@redhat.com:
On Tue, May 19, 2015 at 12:34:47PM +0200, marcin kowalski
Sina Owolabi wrote:
Hi Rob
Ive been to the URL but its a little difficult applying these commands
to RHEL6 systems.
For instance there is no /etc/pki-tomcat directory in RHEL6, and I
cannot find the ipa.crt
Im sure as a noob I am overlooking some very obvious stuff, but could
you please guide
On Tue, May 19, 2015 at 12:34:47PM +0200, marcin kowalski wrote:
Hi, all. I am trying to integrate certmonger with dogtag instance, and so
far i've stumbled on one odd problem. Hopefully this is the right list.
I've generated some random cert with getcert request, it has communicated
with
On 05/19/2015 10:10 AM, Megan . wrote:
I'm struggling with a replication conflict. I had three masters,
dir1, dir2, dir3. There were some weird issues with dir2 where I was
getting error 49 (Invalid credentials) without any real
information.
Where did you see this? command line output? Of
Thank you for the reply. I think I just got frustrated. I
uninstalled ipa on the dir2 replica then set it back up again as a
replica. Everything seems to be replicating just fine without errors
now. I know that this isn't the preferred or documented solution but
i needed the server back online
On 05/19/2015 12:27 PM, Megan . wrote:
Thank you for the reply. I think I just got frustrated. I
uninstalled ipa on the dir2 replica then set it back up again as a
replica. Everything seems to be replicating just fine without errors
now. I know that this isn't the preferred or documented
Boyce, George Robert. (GSFC-762.0)[NICS] wrote:
I don’t understand what is happening…
If I use a compound OR filter to search for “cn” or “uid”, I only get
back the match for uid. I expect to get both. If I add a search for a
nonexistent attribute like “name”, I get nothing back. I expect to
Hi Rob
Thanks!
I noticed that the problematic records have their expiration in the
future! And I also do not have pki-tomcatd, it's pki-cad.
From getcert list, the troublesome IDs are:
Request ID '20130524104828':
status: CA_UNREACHABLE
ca-error: Server at
Another key difference I noticed is that the problematic certs have
CA:IPA in them, while the working certs have CA:
dogtag-ipa-retrieve-agent-submit.
getcert list
Number of certificates and requests being tracked: 8.
Request ID '20130524104636':
status: CA_UNREACHABLE
Megan . wrote:
Thank you for the reply. I think I just got frustrated. I
uninstalled ipa on the dir2 replica then set it back up again as a
replica. Everything seems to be replicating just fine without errors
now. I know that this isn't the preferred or documented solution but
i needed the
On 05/19/2015 01:53 PM, Boyce, George Robert. (GSFC-762.0)[NICS] wrote:
I don’t understand what is happening…
If I use a compound OR filter to search for “cn” or “uid”, I only get
back the match for uid. I expect to get both. If I add a search for a
nonexistent attribute like “name”, I get
I don't understand what is happening...
If I use a compound OR filter to search for cn or uid, I only get back the
match for uid. I expect to get both. If I add a search for a nonexistent
attribute like name, I get nothing back. I expect to get back the entry
matched by the other term.
# l
On 05/14/2015 07:09 PM, William Graboyes wrote:
Hi Dmitri,
No I am sticking to the 90 day, gotta start the change in the right direction
somewhere :).
So I am trying out LBT Self service password, and I am wondering if there is
documentation anywhere on how to create a service style account
On 05/14/2015 10:15 AM, David Little wrote:
Hi there,
I was reading this document regarding using 3rd party certificates in
FreeIPA:
https://www.freeipa.org/page/Using_3rd_part_certificates_for_HTTP/LDAP
Which includes the information The certificate in mysite.crt must be
signed by the CA
I'm struggling with a replication conflict. I had three masters,
dir1, dir2, dir3. There were some weird issues with dir2 where I was
getting error 49 (Invalid credentials) without any real
information. When i did ipa-replica-manage list-ruv i saw dir2
twice. I couldn't get it straight so i
32 matches
Mail list logo