[Freeipa-users] DNS chages made from the WebUI take a long time to be recognized.

2013-01-14 Thread Tim Hildred
Should it take several hours for me to be able to ping a host at it's new IP address when I update the DNS record in the WebUI? I deleted the old records (A and PTR), and added new records for the same FQDN, with a different IP address. But I can't ping the host using the FQDN. Tim Hildred, RH

Re: [Freeipa-users] JSON-RPC documentation?

2013-01-14 Thread Brian Smith
That helps a lot. Thanks! I would use ipalib, but I'm developing a Rails application, so the JSON interface is the quickest (and since XML may be deprecated) best way forward (unless you know a way to use it in Ruby :). I'm guessing in JSON, the structure would look something like this: { "me

Re: [Freeipa-users] JSON-RPC documentation?

2013-01-14 Thread Rob Crittenden
Dmitri Pal wrote: On 01/14/2013 08:16 PM, Brian Smith wrote: Before I pester the dev list, I was wondering if anyone here could point me to documentation on the JSON-RPC interface to FreeIPA. I'm not doing anything fancy, just adding users and updating passwords, so my requirements are pretty t

Re: [Freeipa-users] JSON-RPC documentation?

2013-01-14 Thread Dmitri Pal
On 01/14/2013 08:16 PM, Brian Smith wrote: > Before I pester the dev list, I was wondering if anyone here could > point me to documentation on the JSON-RPC interface to FreeIPA. I'm > not doing anything fancy, just adding users and updating passwords, so > my requirements are pretty tame. I've go

[Freeipa-users] JSON-RPC documentation?

2013-01-14 Thread Brian Smith
Before I pester the dev list, I was wondering if anyone here could point me to documentation on the JSON-RPC interface to FreeIPA. I'm not doing anything fancy, just adding users and updating passwords, so my requirements are pretty tame. I've gone through the Python code and have somewhat pieced

Re: [Freeipa-users] Process conflict issue when restarting IPA

2013-01-14 Thread Dmitri Pal
On 01/14/2013 05:59 PM, William Muriithi wrote: > Hello > > When I restart IPA through ipactl, I get the following message. All > seem to be working despite the message. I think it is pki-ca that is > running on tomcat > > Starting httpd: [Fri Jan 11 16:13:25 2013] [warn] worker > ajp://localhos

[Freeipa-users] Process conflict issue when restarting IPA

2013-01-14 Thread William Muriithi
Hello When I restart IPA through ipactl, I get the following message. All seem to be working despite the message. I think it is pki-ca that is running on tomcat Starting httpd: [Fri Jan 11 16:13:25 2013] [warn] worker ajp://localhost:9447/ already used by another worker [Fri Jan 11 16:13:25 20

Re: [Freeipa-users] compat and ou=People

2013-01-14 Thread Orion Poplawski
On 01/14/2013 01:40 PM, Nalin Dahyabhai wrote: On Mon, Jan 14, 2013 at 12:06:35PM -0700, Orion Poplawski wrote: We're looking at migrating from 389ds to ipa. Currently our users are in ou=People with rfc2307 attributes. Is there any way to provide an ou=people,dc=nwra,dc=com compatibility grou

Re: [Freeipa-users] compat and ou=People

2013-01-14 Thread Nalin Dahyabhai
On Mon, Jan 14, 2013 at 12:06:35PM -0700, Orion Poplawski wrote: > We're looking at migrating from 389ds to ipa. Currently our users > are in ou=People with rfc2307 attributes. Is there any way to > provide an ou=people,dc=nwra,dc=com compatibility group in IPA? Or > does everything have to rema

[Freeipa-users] compat and ou=People

2013-01-14 Thread Orion Poplawski
We're looking at migrating from 389ds to ipa. Currently our users are in ou=People with rfc2307 attributes. Is there any way to provide an ou=people,dc=nwra,dc=com compatibility group in IPA? Or does everything have to remain under cn=compat? We have a lot of references to ou=People,dc=nwra

Re: [Freeipa-users] openldap to ipa

2013-01-14 Thread Rob Crittenden
Johnathan Phan wrote: Anyone know the details of the low level system steps for the migration script to work? so I can try and backwards engineer or troubleshoot each system as I go along so I can actually migrate the data from openldap to ipa? The migration is taking place in the context of th

Re: [Freeipa-users] openldap to ipa

2013-01-14 Thread Johnathan Phan
Anyone know the details of the low level system steps for the migration script to work? so I can try and backwards engineer or troubleshoot each system as I go along so I can actually migrate the data from openldap to ipa? Regards John On Mon, Jan 14, 2013 at 9:19 AM, Johnathan Phan wrote: > H

Re: [Freeipa-users] how do i apply patch?

2013-01-14 Thread Umarzuki Mochlis
2013/1/12 John Dennis : > 1) Download the source rpm matching the version you have installed, add the > patch, rebuild the rpm locally, install the locally built rpm. how do i 'add the patch' to source rpm? any documentation that i can follow to do this? -- Regards, Umarzuki Mochlis http://debm

Re: [Freeipa-users] openldap to ipa

2013-01-14 Thread Johnathan Phan
Hi Aquino, thanks for the input, however. There is a CRT in there already and it was set to allow on both the IPA server and the target openldap server. the core of the issue seems to be that IPA does not accept the cert either locally or remotely as it does not trust it. anyone know how I can tr

Re: [Freeipa-users] CSV support in IPA administration tools - to be, or not to be?

2013-01-14 Thread Martin Kosek
On 01/14/2013 09:09 AM, Petr Viktorin wrote: > On 01/11/2013 09:57 PM, John Dennis wrote: >> On 01/11/2013 03:52 PM, Dmitri Pal wrote: >>> On 01/11/2013 03:27 PM, John Dennis wrote: On 01/11/2013 03:10 PM, Dmitri Pal wrote: > On 01/10/2013 11:00 AM, John Dennis wrote: >> On 01/10/2013

Re: [Freeipa-users] CSV support in IPA administration tools - to be, or not to be?

2013-01-14 Thread Petr Viktorin
On 01/11/2013 09:57 PM, John Dennis wrote: On 01/11/2013 03:52 PM, Dmitri Pal wrote: On 01/11/2013 03:27 PM, John Dennis wrote: On 01/11/2013 03:10 PM, Dmitri Pal wrote: On 01/10/2013 11:00 AM, John Dennis wrote: On 01/10/2013 08:15 AM, Petr Spacek wrote: Hello, is there any user of CSV sup