On 11/25/2014 08:12 AM, Rolf Nufable wrote:
> Well I tried to kinit the admin account and then reboot the server.. then
> after that it worked, admin account could then log in the ipa web ui.. but
> does this mean that everytime I want to log in to the UI i need to kinit
> manually?
>
> Sent fr
Well I tried to kinit the admin account and then reboot the server.. then after
that it worked, admin account could then log in the ipa web ui.. but does this
mean that everytime I want to log in to the UI i need to kinit manually?
Sent from Yahoo Mail on Android
--
Manage your subscription fo
On 11/25/2014 03:07 AM, Rolf Nufable wrote:
> Goodmorning
> So I've solved my Time error (I think) in my fedora 20, but even though I'm
> having the correct time and configured the browser for kerberos
> authentication I still can't log in my admin account in the web UI
> is there a work around
On Mon, Nov 24, 2014 at 11:04:50AM -0500, Rob Crittenden wrote:
> Outback Dingo wrote:
> > Im curious about monkeysphere http://web.monkeysphere.info/ and how
> > it might compare, integrate, enhance freeipa . any thoughts, or
> > ideas, or is what it does basically already covered via freei
List more than 1 LDAP sever in you config then.
ldap_uri, ldap_backup_uri (string)
Specifies the comma-separated list of URIs of the LDAP servers to which
SSSD should connect in the order of preference. Refer to the "FAILOVER"
section for more information on failover and server redundancy. If neit
Evening, After looking at almost all the SUDO documentation I could find, it looks one has to hardcode FreeIPA hostname on sssd.conf file. Below is what red hat advice to add in sssd config file.services = nss, pam, ssh, pac, sudo [domain/idm.coe.muc.redhat.com] sudo_provider = ldap ldap_uri = ld
On Mon, Nov 24, 2014 at 07:57:01PM +, Craig White wrote:
> You can do that, but why switch the order? Isn't it better to let SSSD
> autodiscover the serves with SRV records?
>
> Sure but it seems that a specific entry is auto-created on each of the
> machines joined to IPA like this one-
-Original Message-
From: freeipa-users-boun...@redhat.com
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Jakub Hrozek
Sent: Monday, November 24, 2014 12:44 PM
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] sssd.conf question
On Mon, Nov 24, 2014 at 07:27:50PM +, Cra
On Mon, Nov 24, 2014 at 07:27:50PM +, Craig White wrote:
> Starting to look at managing IPA requisites from Puppet - especially because
> I have seen SSSD silently quit.
Are there any errors in either the sssd logs or the syslog?
>
> So if I manage /etc/sssd/sssd.conf file with puppet, I ha
Starting to look at managing IPA requisites from Puppet - especially because I
have seen SSSD silently quit.
So if I manage /etc/sssd/sssd.conf file with puppet, I have 2 IPA servers (with
what appears to be a fully functioning MMR), 01 and 02. Can I arbitrarily
change the 'ipa_server' listed
On 11/24/2014 01:27 PM, Matt . wrote:
Hi,
I need to make sure I have a primary one which is mail, the other ones
should not matter, but I think it's wiser to have it like I know what
is where.
The reason why I need to is because I'm using Kolab which needs at
least a primary mail attribute.
T
Hi,
I need to make sure I have a primary one which is mail, the other ones
should not matter, but I think it's wiser to have it like I know what
is where.
The reason why I need to is because I'm using Kolab which needs at
least a primary mail attribute.
Cheers,
Matt
2014-11-24 19:22 GMT+01:00
On 11/24/2014 12:42 PM, Matt . wrote:
Hi Dimitri,
I need to use multiple email adresses, but not under mail, mail needs
to be primary.
I have seen I can add mailAttribute ?
I need to have them as field, and the best would be something like
alias1, alias2, aliasX
The attributes can be multiva
Cosme Faria Corrêa wrote:
> Hi,
>
> EDUROAM (education roaming) is an international roaming service for
> users in research, higher education and further education.
> It use Openldap, freeradius, radsec to support this objective.
>
> I would like to expand this to create a better infrastructure f
You might be interested in the following links ([1] and [2]) which
refer to the very recent GNOME Infrastructure's migration from
OpenLDAP to FreeIPA.
cheers,
[1]
https://www.dragonsreach.it/2014/10/07/the-gnome-infrastructure-is-now-powered-by-freeipa/
[2]
https://www.dragonsreach.it/2014/10/1
Hi,
EDUROAM (education roaming) is an international roaming service for
users in research, higher education and further education.
It use Openldap, freeradius, radsec to support this objective.
I would like to expand this to create a better infrastructure for our
network, in special wireless
Hi Dimitri,
I need to use multiple email adresses, but not under mail, mail needs
to be primary.
I have seen I can add mailAttribute ?
I need to have them as field, and the best would be something like
alias1, alias2, aliasX
Would be doable ?
Cheers,
Matt
2014-11-24 17:51 GMT+01:00 Dmitri
On 11/24/2014 11:36 AM, Matt . wrote:
Hi All,
I see it's possible to add an extra field to a user by creating a new
userobjectclass.
The issue is that this field is not yet @ the user, but can we create it here ?
/usr/lib/python2.6/site-packages/ipalib/plugins/user.py
Any direction would be g
Thank you for your prompt reply :).
I still don't discover what caused the problem, but now I could get more
information about the problem.
I run the command that you commented me, I did as follows:
- kinit usuipa
- kvno imap/zimbrafreeipa.example@fi.example.com
(I said in my previous mail
Hi All,
I see it's possible to add an extra field to a user by creating a new
userobjectclass.
The issue is that this field is not yet @ the user, but can we create it here ?
/usr/lib/python2.6/site-packages/ipalib/plugins/user.py
Any direction would be great!
Thanks,
Matt
--
Manage your su
Outback Dingo wrote:
> Im curious about monkeysphere http://web.monkeysphere.info/ and how
> it might compare, integrate, enhance freeipa . any thoughts, or
> ideas, or is what it does basically already covered via freeipa?
>
>
There does seem to be a fair bit of overlap with the SSH key
John Desantis wrote:
> Hello again,
>
> I was just wondering if there was an update on this thread?
>
> Since it is just one machine having an issue, do you (Rob and Rich)
> think a re-initialization from the master on the affected host would
> clear the clog? I have left it alone since Mark was
On 24.11.2014 13:56, Maria Jose Yañez Dacosta wrote:
> Hi!,
>
> I'm installing a Zimbra server to authenticate using SSO against FreeIPA.
> When when trying to access I'm getting an error which makes me think that
> probably I forget set something else in FreeIPA configuration.
>
> Because I'm a
Hi!,
I'm installing a Zimbra server to authenticate using SSO against FreeIPA.
When when trying to access I'm getting an error which makes me think that
probably I forget set something else in FreeIPA configuration.
Because I'm a newbie with using FreeIPA.
And when I configured SSO with existing
Hello again,
I was just wondering if there was an update on this thread?
Since it is just one machine having an issue, do you (Rob and Rich)
think a re-initialization from the master on the affected host would
clear the clog? I have left it alone since Mark was brought into the
discussion.
Than
On 20.11.2014 08:18, Rolf Nufable wrote:
> I have a quick question Do I need to configure the forwarders of
> freeipa-server 4.1.1 when doing the freeipa-install-server?
This is *necessary* only if you have some internal DNS zones which are not
resolvable using public DNS infrastructure. In all ot
On 18.11.2014 09:54, Rolf Nufable wrote:
> Hello all I have a question regarding the log in in IPA
> well I didn't expect this to happen since last week all installation went
> smoothly and the adding of the clients as well but now I have another
> problem.
> My first problem was ntp/ntpdate was
27 matches
Mail list logo