Hello all (again),
I think my reference to a disease prevented my message from being
delivered, despite seeing it posted on the list archive. I apologize
in advance for the additional "noise".
Anyways, I was hoping some lingering questions could be answered
regarding some visible entries via
Hi folks,
Working on a hairy multiple AD Forest integration issue in AWS and would
appreciate a sanity check - I've been wrong so many times about IPA
setup and navigating transitive AD trusts so many times I figured it was
time to ask questions first before falling on my face again, heh.
Hi,
the RUV in the replication agreement is maintained to control changelog
trimming, no changes should be deleted from the changelog which have not
been seen by all consumers. Since not always a connection for a
replication agreement can be established, eg if the consumer is down,
this
On ke, 05 loka 2016, Chris Dagdigian wrote:
Hi folks,
Working on a hairy multiple AD Forest integration issue in AWS and
would appreciate a sanity check - I've been wrong so many times about
IPA setup and navigating transitive AD trusts so many times I figured
it was time to ask questions
Alexander Bokovoy wrote:
You need to read this:
http://www.freeipa.org/page/V4/IPA_Client_in_Active_Directory_DNS_domain
to understand all limitations and problems.
This is technical description. For higher level, see
http://rhelblog.redhat.com/2016/07/13/i-really-cant-rename-my-hosts/
Thank
On ke, 05 loka 2016, Chris Dagdigian wrote:
Hello again,
Following up on an early query about configuring IPA clients that are
in different DNS domains than the IPA server domain & realm
This is our setup:
AD Servers & IPA:
AD Forest #1: company-test.org
AD Forest
Hello again,
Following up on an early query about configuring IPA clients that are in
different DNS domains than the IPA server domain & realm
This is our setup:
AD Servers & IPA:
AD Forest #1: company-test.org
AD Forest #2: company-aws.org
IPA Server:
Alexander Bokovoy wrote:
As
http://www.freeipa.org/page/V4/IPA_Client_in_Active_Directory_DNS_domain
explains, you need to have proper mapping of domains to realms and have
proper definitions for those realms.
We don't see your krb5.conf, so if it deviates from what the wiki
describes, you
Ludwig,
Thank you!
John DeSantis
2016-10-05 10:43 GMT-04:00 Ludwig Krispenz :
> Hi,
>
> the RUV in the replication agreement is maintained to control changelog
> trimming, no changes should be deleted from the changelog which have not
> been seen by all consumers. Since not
On ke, 05 loka 2016, Chris Dagdigian wrote:
Alexander Bokovoy wrote:
As http://www.freeipa.org/page/V4/IPA_Client_in_Active_Directory_DNS_domain
explains, you need to have proper mapping of domains to realms and have
proper definitions for those realms.
We don't see your krb5.conf, so if it
Alexander Bokovoy wrote:
you don't have explicit definition for the AD realms and you don't allow
Kerberos to discover neither realms nor their KDCs via DNS SRV records.
The latter happened because you have used --server option when
configuring the client -- man page for ipa-client-install has
11 matches
Mail list logo