On 18/11/2014 22:56, Jakub Hrozek wrote:
On 18 Nov 2014, at 23:23, Roderick Johnstone r...@ast.cam.ac.uk wrote:
On 18/11/2014 22:19, Dmitri Pal wrote:
On 11/18/2014 12:57 PM, Roderick Johnstone wrote:
Hi
I'm trying to migrate some nis accounts to RHEL 6 IdM while still
keeping the original
On 18/11/2014 22:58, Rob Crittenden wrote:
Roderick Johnstone wrote:
On 18/11/2014 22:19, Dmitri Pal wrote:
On 11/18/2014 12:57 PM, Roderick Johnstone wrote:
Hi
I'm trying to migrate some nis accounts to RHEL 6 IdM while still
keeping the original passwords.
I followed the instructions at:
On 11/18/2014 07:44 PM, Will Sheldon wrote:
No, not resolved yet I did test with GSSAPI (-Y) and like you it
worked. :(
Hello,
Would it be possible to get server1/server2 logs (error/access) and
config (dse.ldif) ?. Turning on replication logs would help (
On 19/11/2014 08:33, Roderick Johnstone wrote:
On 18/11/2014 22:58, Rob Crittenden wrote:
Roderick Johnstone wrote:
On 18/11/2014 22:19, Dmitri Pal wrote:
On 11/18/2014 12:57 PM, Roderick Johnstone wrote:
Hi
I'm trying to migrate some nis accounts to RHEL 6 IdM while still
keeping the
thank you,
It is work by using ldap+krb5 (nisclient:centos4.8).By the way, Is it
possible to enroll nisclient ? And how to do this?And how to carry out HBAC
RULES for nisclient?I try to use WebUI,but i am not succeed,look
like this:
Enrollment
Kerberos Key:
Kerberos Key Not Present
hi All,
-- Finished Dependency Resolution
Error: Package: freeipa-server-4.1.1-1.1.el7.centos.x86_64 (mkosek-freeipa)
Requires: pki-ca = 10.2.0-3
Available: pki-ca-10.0.5-3.el7.noarch (base)
pki-ca = 10.0.5-3.el7
Available:
On 11/19/2014 11:37 AM, Tamas Papp wrote:
hi All,
-- Finished Dependency Resolution
Error: Package: freeipa-server-4.1.1-1.1.el7.centos.x86_64 (mkosek-freeipa)
Requires: pki-ca = 10.2.0-3
Available: pki-ca-10.0.5-3.el7.noarch (base)
pki-ca =
I am good in waiting;)
Thanks for the prompt reply.
--
Sent from mobile
On November 19, 2014 11:54:40 AM Martin Kosek mko...@redhat.com wrote:
On 11/19/2014 11:37 AM, Tamas Papp wrote:
hi All,
-- Finished Dependency Resolution
Error: Package: freeipa-server-4.1.1-1.1.el7.centos.x86_64
On 11/19/2014 05:25 AM, Zhong Qiang wrote:
thank you,
It is work by using ldap+krb5 (nisclient:centos4.8).By the way, Is it
possible to enroll nisclient ? And how to do this?And how to carry out
HBAC RULES for nisclient?I try to use WebUI,but i am not succeed,look
Only SSSD understands IPA
Roderick Johnstone wrote:
On 19/11/2014 08:33, Roderick Johnstone wrote:
On 18/11/2014 22:58, Rob Crittenden wrote:
Roderick Johnstone wrote:
On 18/11/2014 22:19, Dmitri Pal wrote:
On 11/18/2014 12:57 PM, Roderick Johnstone wrote:
Hi
I'm trying to migrate some nis accounts to RHEL 6 IdM
Rob Crittenden wrote:
Roderick Johnstone wrote:
On 19/11/2014 08:33, Roderick Johnstone wrote:
On 18/11/2014 22:58, Rob Crittenden wrote:
Roderick Johnstone wrote:
On 18/11/2014 22:19, Dmitri Pal wrote:
On 11/18/2014 12:57 PM, Roderick Johnstone wrote:
Hi
I'm trying to migrate some nis
On 11/19/2014 11:57 AM, Tamas Papp wrote:
I am good in waiting;)
Thanks for the prompt reply.
Ok Tamas, I think we *finally* got somewhere. Can you please try the
mkosek/freeipa Copr repo now?
I was able to install upstream freeipa-server 4.1.1 package on my RHEL-7.0
machine (should be the
Hi Marin,
I was able to install from the copr repo now as well. Thank you!
However I wasn't able to finish the install:
[23/27]: configure certmonger for renewals
[24/27]: configure certificate renewals
[error] DBusException: org.fedorahosted.certmonger.bad_arg: The location
It is highly probable the issue is caused by SELinux (check for AVCs in
/var/log/audit/audit.log).
Can you try with SELinux permissive? We specifically did not build
selinux-policy as we do not think we should be the ones maintaining it for
CentOS.
HTH,
Martin
- Original Message -
Hi Martin,
Yes, setting selinux to permissive allowed me to install and configure IPA
4.1 on CentOS 7.
:-)
On Wed, Nov 19, 2014 at 11:41 AM, Martin Kosek mko...@redhat.com wrote:
It is highly probable the issue is caused by SELinux (check for AVCs in
/var/log/audit/audit.log).
Can you try
Good news!
To clarify on the selinux-policy side. By not maintaining it for the CentOS I
meant that FreeIPA Copr should not maintain system policy for any system, not
just SELinux.
Ideally, it should have a SELinux policy module that would be compiled for
SELinux only and that would only
hi Martin,
Much better:)
Unfortunately not perfect yet.
[...]
Done configuring DNS key synchronization service (ipa-dnskeysyncd).
Restarting ipa-dnskeysyncd
Restarting named
ipa : ERRORNamed service failed to start (Command
''/bin/systemctl' 'restart' 'named-pkcs11.service''
On 11/19/2014 09:23 PM, Tamas Papp wrote:
hi Martin,
Much better:)
Unfortunately not perfect yet.
[...]
Done configuring DNS key synchronization service (ipa-dnskeysyncd).
Restarting ipa-dnskeysyncd
Restarting named
ipa : ERRORNamed service failed to start (Command
On 11/19/2014 09:29 PM, Martin Kosek wrote:
Ah, yes. This one is not a problem with the CentOS port, but rather
existing problem in FreeIPA 4.1.1 which will be fixed in FreeIPA 4.1.2
on all platforms, including Fedora 21 and CentOS.
See upstream ticket:
On 11/19/2014 10:24 PM, Tamas Papp wrote:
On 11/19/2014 09:29 PM, Martin Kosek wrote:
Ah, yes. This one is not a problem with the CentOS port, but rather existing
problem in FreeIPA 4.1.1 which will be fixed in FreeIPA 4.1.2 on all
platforms, including Fedora 21 and CentOS.
See upstream
On 11/19/2014 10:27 PM, Martin Kosek wrote:
Actually no, FreeIPA 4.1 is planned to be included in RHEL-7.1 release
- so you can look forward to that :-)
Very good!
Then everything is good for testing:)
t
--
Manage your subscription for the Freeipa-users mailing list:
I suddenly started getting errors when I try to use ipa-getkeytab:
[root@ipa1 kerberize]# ipa-getkeytab -s jn01 -p hdfs/jn01 -k
jn01.hdfs.keytab
SASL Bind failed Can't contact LDAP server (-1) !
ldap seems to be answering on the non-SASL port (ei: ldapsearch -x -h
localhost CN=richard works
I have a quick question Do I need to configure the forwarders of freeipa-server
4.1.1 when doing the freeipa-install-server?
I forgot the reason why I don't need to because my email suddenly deleted that
message from Martin, and now I can't remember why or how not to include a
forwarder, and
I've installed freeipa 4.1.1 --setup-dns --no-forwarders so far the
installation went well .. but I need to configure freeipa server as a forwarder
right?
so I used te web UI and added the freeipaserver ip as a forwarder, then I
rebooted the freeipa server.
after the reboot I couldn't access
I have a quick question Do I need to configure the forwarders of freeipa-server
4.1.1 when doing the freeipa-install-server?
I forgot the reason why I don't need to because my email suddenly deleted that
message from Martin, and now I can't remember why or how not to include a
forwarder, and
25 matches
Mail list logo