Re: [Freeipa-users] Centos7/IPA4.2 : disable/enable hosts

Johan Vermeulen wrote: > Rob, > > thanks for helping me out. > I support some 80 laptop users at the moment, all running Centos7. > The users are now in ldap, the laptops ( hosts) are not. I'm testing the > ability to add the laptops as hosts. > > Under "identity - hosts", when selecting a host,

[Freeipa-users] 'NoneType' object is not iterable when removing broken ipa-server replica

Help! I'm having issues removing a bad replica. Everytime I run: ipa-replica-manage del ipa01.example.com or ipa-replica-manage del --force ipa0 1 .example.com I get an error: 'NoneType' object is not iterable if I try to remove it from the web interface: IPA Error 903: InternalError

Re: [Freeipa-users] RHEL 6.9 AD Smart Card login

I made the changes in this Bugzilla report and its still failing. When I click on Smartcard Authenication on the GDM login screen, I get the error message "Authentication failure".It looks like this Bugzilla was for IDM users using smart cards. I'm trying to use Active Directory

[Freeipa-users] strange error when running "ipa help topics"

Never seen this one before,  any hints? testidm]# ipa help topics ipa: ERROR: error marshalling data for XML-RPC transport: message: need a ; got 'No valid Negotiate header in server response' (a ) -Chris -- Manage your subscription for the Freeipa-users

Re: [Freeipa-users] SSH access to only specific hosts useding ssh keys

So I want a user "bob" to ssh into server1 as the username of "support" with support@server1, but not let Bob ssh into support@server2. I have Bob's ssh public key added to the support user. I can block Bob from server1 or server2 with HBAC, but I have to add support to both servers and since

Re: [Freeipa-users] strange error when running "ipa help topics"

Chris Dagdigian wrote: > > Never seen this one before, any hints? > > testidm]# ipa help topics > ipa: ERROR: error marshalling data for XML-RPC transport: message: need > a ; got 'No valid Negotiate header in server response' > (a ) What version of client and what version of server? Newer

Re: [Freeipa-users] 'NoneType' object is not iterable when removing broken ipa-server replica

Jake wrote: > Help! > I'm having issues removing a bad replica. > > Everytime I run: > > ipa-replica-manage del ipa01.example.com > or > ipa-replica-manage del --force ipa01.example.com > > I get an error: 'NoneType' object is not iterable > > if I try to remove it from the web interface: > >

Re: [Freeipa-users] RHEL 6.9 AD Smart Card login

On Tue, Apr 11, 2017 at 04:24:51PM +, spammewo...@cox.net wrote: > I made the changes in this Bugzilla report and its still failing. When I > click on Smartcard Authenication on the GDM login screen, I get the error > message "Authentication failure".It looks like this Bugzilla was for

[Freeipa-users] Problem starting smb service after ipa-adtrust-install

hello I'm unable to start smb after executing ipa-adtrust-install. the execution of ipa-adtrust-install is: [root@hostname ~]# ipa-adtrust-install --enable-compat --add-agents -d The log file for this installation can be found in /var/log/ipaserver-install.log ipa : DEBUG

Re: [Freeipa-users] Centos7/IPA4.2 : disable/enable hosts

Rob, thanks for helping me out. I support some 80 laptop users at the moment, all running Centos7. The users are now in ldap, the laptops ( hosts) are not. I'm testing the ability to add the laptops as hosts. Under "identity - hosts", when selecting a host, I go to "actions". The only way I see

Re: [Freeipa-users] Centos7/IPA4.2 : disable/enable hosts

Hello, thanks for the advise. I will try this asap. Greetings, J. 2017-04-11 0:51 GMT+02:00 Lachlan Musicman : > On 11 April 2017 at 00:14, Johan Vermeulen wrote: > >> Hello All, >> >> just getting started with FreeIPA and one of the first features

Re: [Freeipa-users] Password-based authentication with AD users does not work

On Mon, Apr 10, 2017 at 11:49:05AM +0200, Ronald Wimmer wrote: > On 2017-04-07 10:28, Sumit Bose wrote: > > [...] > > I'm not aware of any limitation here. Have you tried to run 'ipa > > trust-fetch-domains ad.forest.root' to update the list? > > > > If this does not help please add 'log level =