Steven Jones wrote:
Hi,
We have a master at our DR site which is further way than our 2 local masters, is there
a way (in DNS say) that we could encourage clients to use the closer IPA masters?
eg
host -t SRV _ldap._tcp.ods.vuw.ac.nz
_ldap._tcp.ods.vuw.ac.nz has SRV record 0 100 389
Hi,
I am trying to migrate my database from OpenLDAP to freeIPA
(ipa-server-3.0.0-37.el6.x86_64) but I get an error when freeIPA starts
to import the group (all the users were imported without problem).
This is the command that I am using for import:
ipa migrate-ds --with-compat
I don't believe that the attribute is an OU.
try performing a:
ipa group-show engineering --all --raw
I believe that your automember rule wants to be cn=^Engineering
You cannot hope to secure that which you do not first understand
~~~
Jr Aquino
cbul...@gmail.com wrote:
Hi,
I am trying to migrate my database from OpenLDAP to freeIPA
(ipa-server-3.0.0-37.el6.x86_64) but I get an error when freeIPA starts
to import the group (all the users were imported without problem).
This is the command that I am using for import:
ipa migrate-ds
I just noticed that I had been incorrectly setting the NIS domain name
since upgrading to Fedora 20 and FreeIPA 3.3.4, yet I appear to be
successfully retrieving and using sudo rules from FreeIPA. Is sudo
still using NIS-style netgroups? Is there still a requirement to set
the NIS domain name?
On 04/30/2014 07:58 PM, Steven Jones wrote:
Hi,
We want to use 2FA tokens and cant because of a Kerberos issue. I assume if
this hasnt been upgraded yet that you cant get the passthrough?
What is the issue you are facing?
For OTP to work you need latest Kerberos. It is not RHEL yet.
RHEL7
On 04/30/2014 06:45 PM, Leigh Moulder wrote:
Hi all,
I'm very new to FreeIPA, so I hope this isn't answered in
documentation somewhere already.
I'm working to get my infrastructure DIACAP approved, and part of this
process includes unique user accounts with smart card integration. I
was
On 05/01/2014 04:07 PM, Dean Hunter wrote:
I just noticed that I had been incorrectly setting the NIS domain name
since upgrading to Fedora 20 and FreeIPA 3.3.4, yet I appear to be
successfully retrieving and using sudo rules from FreeIPA. Is sudo
still using NIS-style netgroups? Is there
Hi Rob,
Thanks so much for your help!.
Our openLDAP uses memberuid attribute because we migrated the original
database from NIS server.
Your tip worked great. Just let me correct a typo error:
--group-objectclass=posixgroup
Thanks again,
cbu
On 05/01/2014 11:58 AM, Rob Crittenden wrote:
On Thu, 2014-05-01 at 16:32 -0400, Dmitri Pal wrote:
On 05/01/2014 04:07 PM, Dean Hunter wrote:
I just noticed that I had been incorrectly setting the NIS domain
name since upgrading to Fedora 20 and FreeIPA 3.3.4, yet I appear to
be successfully retrieving and using sudo rules from
10 matches
Mail list logo