Re: [Freeipa-users] Error in IPA webinterface then DNS name contains \032 ()

On 22.3.2016 11:21, Troels Hansen wrote: >> >> web ui uses API command: >> {"method":"dnsrecord_show","params":[["my.zone.test.","LIFX\\032Bulb"],{"all":true,"rights":true,"structured":true,"version":"2.163"}]} >> >> Could you check what is yours? >> 1. open developer tool in browser (usually F12)

Re: [Freeipa-users] Error in IPA webinterface then DNS name contains \032 ()

> > web ui uses API command: > {"method":"dnsrecord_show","params":[["my.zone.test.","LIFX\\032Bulb"],{"all":true,"rights":true,"structured":true,"version":"2.163"}]} > > Could you check what is yours? > 1. open developer tool in browser (usually F12) > 2. Network tab > 3. Refresh the page, look

Re: [Freeipa-users] Certificate profiles and CA ACLs for service principals

On Tue, Mar 22, 2016 at 09:59:58AM +0100, Martin Kosek wrote: > On 03/22/2016 05:55 AM, Fraser Tweedale wrote: > > On Fri, Mar 18, 2016 at 08:12:44PM +1100, earsdown wrote: > ... > > To my fellow FreeIPA developers: are service groups a sensible RFE? > > Is there a reason why they have not been

[Freeipa-users] Error in IPA webinterface then DNS name contains \032 ()

I have noticed a bug in the IPA webinterface, under DNS Zones -> and clicking on a zone that contains a DNS record containig space (\032) Currently, I get: "LIFX\032Bulb: DNS resource record not found" However, after clicking OK, it displays the rest of the records. Its in no way a pretty

Re: [Freeipa-users] Certificate profiles and CA ACLs for service principals

On 03/22/2016 05:55 AM, Fraser Tweedale wrote: > On Fri, Mar 18, 2016 at 08:12:44PM +1100, earsdown wrote: ... > To my fellow FreeIPA developers: are service groups a sensible RFE? > Is there a reason why they have not been implemented? It *is* sensible RFE and it was actually already filed!

Re: [Freeipa-users] Error in IPA webinterface then DNS name contains \032 ()

On 03/22/2016 09:59 AM, Troels Hansen wrote: I have noticed a bug in the IPA webinterface, under DNS Zones -> and clicking on a zone that contains a DNS record containig space (\032) Currently, I get: "LIFX\032Bulb: DNS resource record not found" However, after clicking OK, it displays the

Re: [Freeipa-users] Lock screen when Smart Card is removed.

On Fri, Mar 18, 2016 at 10:53:08AM -0500, Michael Rainey (Contractor) wrote: > Hi Sumit, > > It has been a week and I am following up with you on the lock screen issue. > Have you had any progress? If so, I am hoping implementing the fix will be > quick and easy. Thank you for your patience.

Re: [Freeipa-users] Error in IPA webinterface then DNS name contains \032 ()

- On Mar 22, 2016, at 12:34 PM, Petr Spacek pspa...@redhat.com wrote: > > Have you tried > # ipa dnsrecord-show casalogic.lan. 'LIFX\032Bulb' > ? > > I suspect that Bash is playing escaping game with you. > Same result.. ipa dnsrecord-show casalogic.lan. 'LIFX\032Bulb' ipa: ERROR:

Re: [Freeipa-users] Certificate profiles and CA ACLs for service principals

Hi Fraser, Martin and Alexander, Thanks for looking into this! For what it's worth, I think for this particular use case, I'm leaning more towards Alexander when he said: I don't think you need to group services this way. For managing services, and this means being able to issue

[Freeipa-users] Samba Integration with AD Trust

Hi all, I'm attempting to integrate Samba 4.2.3 with IPA 4.2 (RHEL7). I have a kerberos trust established between IPA and AD. I have followed the instructions on the wiki [1], but had some questions and problems specifically related to share permissions: I'm having trouble with shares where

Re: [Freeipa-users] sudo with OTP

Im having some issues applying these patches with dependencies. But on a side note, this needs to be applied to the client machines as well the IPA server itself, correct? Thanks On Mon, Mar 14, 2016 at 8:54 AM, Brad Bendy wrote: > I see that now, thanks for the link. Ill

[Freeipa-users] Removing the requirement to add domain to users login

I have been tasked with setting up an IPA AD trust. I have my ipa server setup, the trust is setup, and appears to be working for the most part. I have two problems. I would like for users to login with userid only. Right now I can only login using userid@ad_domain I am hoping there is

Re: [Freeipa-users] Renewing an externally signed HTTP/LDAP certificate

Joseph Timothy Foley wrote: Hi Rob. You are right that I should be able to just update it on our second server. What happened was I was trying to see if the certificate would work on the install process since I couldn't figure out the renewal. This did not work, which is why I just sent out an

Re: [Freeipa-users] Renewing an externally signed HTTP/LDAP certificate

Joseph Timothy Foley wrote: Hi Rob. To add to this mess, I seem to have somehow confused the LDAP certificate configuration in the process of setting up a replicant (ipa.cs.ru.is) with my new StartSSL (personal) certificate. The previous certificate was a corporate Level2 certificate. Trying

Re: [Freeipa-users] Removing the requirement to add domain to users login

Stacy With regard to you first problem, IIRC you can have it default to a single domain – it doesn’t matter which. Users from the other domain, will need to login via the u...@my.other.domain.com I had exactly this problem. If you want to change it, it’s the