Re: [Freeipa-users] automount questions

Right, currently this affects direct maps only. With SSSD integration, there's one extra glitch that if automounter starts before SSSD does, the automounter only gets Connection refused from the sss module and does not retry reading the maps. That's nasty and should be probably fixed. I can

Re: [Freeipa-users] 2.1.90 rc1 testing on F17 alpha

On Mon, 2012-03-12 at 13:41 -0600, Rich Megginson wrote: On 03/12/2012 01:39 PM, Dmitri Pal wrote: On 03/12/2012 03:20 PM, Rich Megginson wrote: On 03/12/2012 12:40 PM, Dmitri Pal wrote: On 03/12/2012 01:23 PM, Rich Megginson wrote: On 03/12/2012 11:06 AM, Stephen Ingram wrote: On Mon,

[Freeipa-users] Slight confusion about groups, netgroups, sudo rules etc.

Hello. I'm currently looking at implementing IPA in a mixed environment, consisting of RHEL6, RHEL5 and Solaris 10 systems. The IPA server(s) is the most recent one bundled with RHEL 6.2. I have some general rules I'll need to follow as best as I can, but I'm not really sure how to do this in

Re: [Freeipa-users] need info on AD / IPA coexistence

2012/3/8 Brian Cook bc...@redhat.com Also, I would not use 'delegation record' from AD, use conditional forwarding for *.unix.abcd.ca. Your AD admins should know how to do it. --- Brian Cook Solutions Architect, Red Hat, Inc. 407-212-7079 On Mar 8, 2012, at 9:04 AM, Simo Sorce

Re: [Freeipa-users] Fwd: manual client join

On Mon, Dec 19, 2011 at 5:36 AM, John Dennis jden...@redhat.com wrote: Sorry, but currently on the command line the only way to specify a certificate is via it's serial number. The serial number is the only identifier guaranteed to be unique. However, I agree it's not convenient. Would you

Re: [Freeipa-users] manual client join

On 03/13/2012 05:16 PM, Stephen Ingram wrote: On Sat, Dec 3, 2011 at 10:56 AM, Dmitri Pal d...@redhat.com wrote: On 11/30/2011 03:59 PM, Rob Crittenden wrote: Stephen Ingram wrote: Rob- On Wed, Nov 30, 2011 at 12:04 PM, Rob Crittendenrcrit...@redhat.com wrote: Retrieve the CA certificate

Re: [Freeipa-users] Fwd: manual client join

On 03/13/2012 04:44 PM, Stephen Ingram wrote: On Mon, Dec 19, 2011 at 5:36 AM, John Dennis jden...@redhat.com wrote: Sorry, but currently on the command line the only way to specify a certificate is via it's serial number. The serial number is the only identifier guaranteed to be unique.

Re: [Freeipa-users] Fwd: manual client join

On 03/13/2012 05:29 PM, Stephen Ingram wrote: On Tue, Mar 13, 2012 at 2:25 PM, Dmitri Pal d...@redhat.com wrote: Thank you! Just FYI, all tickets go into NEEDS_TRIAGE bucket first so that we do the correct processing and handling when we triage them. Got it. Sorry about that. I guess that's