On 04/14/2014 11:49 PM, Mario Gonzalez wrote:
Den 14. april 2014 23:25, skrev Rob Crittenden:
Steven Jones wrote:
Login a directory manager?
Right, something like:
$ ldappasswd -x -D 'cn=directory manager' -W -S
uid=admin,cn=users,cn=accounts,dc=example,dc=com
And don't set the maxlife
On Fri, 2014-04-11 at 10:37 -0400, Fredy Sanchez wrote:
Hi all,
We asked this same question at discussions.apple.com, but figured we'd have
better luck here. I apologize in advance if this is the wrong forum.
We are switching from Synology (DSM 5) to Mavericks server (v3.1.1. running
in
Variant (A) - IdP + PKINIT:
A1) User authenticates to his SAML/OpenID provider (external domain)
A2) User locally generates CSR
A3) User contacts IdP (gssapi/saml ; gssapi/openid) and sends CSR to
the IdP
A4) IdP returns short-lived certificate (validity period matches
policy for
So I am a partial noob to this so I appreciate any leeway / help ahead of time.
We found http://linsec.ca/Using_FreeIPA_for_User_Authentication#Mac_OS_X_10.7.2F10.8 and we're just wanting to use the directory functions of Free IPA for now.
Walking through the directory until works until we try
Dear all:
http://heartbleed.com/ openssl announced before.
We use 3rd part official cert ref. to this and convert to pck12 format by
openssl. ( centos 6.4 ipa 3.0)
http://www.freeipa.org/page/Using_3rd_part_certificates_for_HTTP/LDAP
any patch for ipa need to added or OS level ?
Regards
Hi Barry,
FreeIPA only uses OpenSSL for some client libraries. The web server and CA
components are not affected by heartbleed.
Best,
Nathan
On Tue, Apr 15, 2014 at 7:34 PM, barry...@gmail.com wrote:
Dear all:
http://heartbleed.com/ openssl announced before.
We use 3rd part official