Is it sane to request that freeipa store ssh keys for users who come into the
environment via a trust? Not all of them, of course, but those who want to
store public keys there.
My freeipa server is mostly there to manage machines, and users (incl. me)
mostly come in over trusts from the corpor
On 09/08/2014 07:29 PM, Olga Kornievskaia wrote:
Thank you very much for your quick reply.
It is a brand new fedora 20 vm.
OK good.
Can you send or share the ipa server installation log?
Are you using a cert from AD and trying to chain to an AD CA?
There is nothing that's running on port
On 09/08/2014 06:52 PM, James James wrote:
Hi everybody,
I want a user to be able to do ipa-getkeytab to retrieve the keys from
any host in the realm.
How can I do this ?
Where I can find an ACI example
(https://www.redhat.com/archives/freeipa-users/2010-July/msg00024.html) which
can helps
Hi everybody,
I want a user to be able to do ipa-getkeytab to retrieve the keys from any
host in the realm.
How can I do this ?
Where I can find an ACI example (
https://www.redhat.com/archives/freeipa-users/2010-July/msg00024.html)
which can helps me ?
Thanks for your help.
--
Manage your su
On 09/08/2014 03:49 PM, Olga Kornievskaia wrote:
Can somebody help with the following problem(s) I've encountered while
trying to install the freeipa server?
Problem #1:
On fedora 20, I have:
1. using yum install acquired the free-ipa-server package.
2. ran ipa-server-install
--- that has faile
Can somebody help with the following problem(s) I’ve encountered while
trying to install the freeipa server?
Problem #1:
On fedora 20, I have:
1. using yum install acquired the free-ipa-server package.
2. ran ipa-server-install
— that has failed with “CA did not start in 300s”
One thing that’s no
Anwar El fatayri wrote:
> *Hello everyone...*
> *
> *
> *I'm trying to request SSL Certificates from my machines (ex :
> vadqualif02) for a specific service (ex : Syslog-ng).*
> *
> *
> *I would like to distinguish between my client and server certificates
> by changing the DN. The problem is that
Hello everyone...
I'm trying to request SSL Certificates from my machines (ex : vadqualif02) for
a specific service (ex : Syslog-ng).
I would like to distinguish between my client and server certificates by
changing the DN. The problem is that when I try to do that (see the command
below), I'm
The FreeIPA team is proud to announce FreeIPA v4.0.2!
It can be downloaded from http://www.freeipa.org/page/Downloads. The
builds will be available for Fedora 21. Builds for Fedora 20 are
available in the official
[https://copr.fedoraproject.org/coprs/mkosek/freeipa/ COPR repository].
== Hig
hi
Please go ahead with below structure, It works!
Re: [Freeipa-users] Does Solaris 11 work as client to IPA server?
Re: [Freeipa-users] Does Solaris 11 work as client to IPA server?
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index
On (08/09/14 11:24), Tevfik Ceydeliler wrote:
>Is there any article to describe how to configure ubuntu client for ipa and
>sudo policy?
>
I have already described steps in this thread.
It works for me. You did the same steps. It means there is problem on server
side.
LS
--
Manage your subscrip
Hello folks,
I'm setting up an IPA-server instance aimed to be used primarily for
Linux/Unix clients ssh authentication (with kerberos).
I've managed to successfully set up debian clients (via sssd and also on
older debians, through libnss and pam_krb5). But for some reason I can't
authenticat
Is there any article to describe how to configure ubuntu client for ipa
and sudo policy?
On 02-09-2014 11:13, Lukas Slebodnik wrote:
On (02/09/14 11:02), Tevfik Ceydeliler wrote:
Step 0
root@clnt:/home/awtadm# grep sudoers /etc/nsswitch.conf
sudoers_debug:1
sudoers: files sss
root@clnt
On Sun, Sep 07, 2014 at 11:41:16PM +0200, Gregor Bregenzer wrote:
> Hi!
>
> I have an AD trust with FreeIPA 4.0.1 and defined a HBAC rule for a
> specific user group (=ad_users which is an posix group that has an
> external group as member) to login on a specific client
> (=linux1.linux.intern).
>
14 matches
Mail list logo