On Wed, 11 Feb 2015, Israel Miranda wrote:
I did follow
http://www.freeipa.org/page/Howto/Integrating_a_Samba_File_Server_With_IPA
but first I was always getting NT_STATUS_UNSUCCESSFUL
First I thought it was related to a bad parameter in my samba
configuration, because
Hi,
I now try to establish a winsync relation with a Windows 2008R2.
I installed IDM 3.3 on RHEL7.
When I try to create the replication:
ipa-replica-manage connect --winsync --binddb
cn=Administrator,cn=Users,dc=company,dc=com --bindpwd passwd --passsync
whatever --cacert
Edit: i acceditanlly forgot to send copy to the list, so resubmitting.
I tried this command :
getcert request -c dogtag-ipa -f /etc/pki/testcert -k /etc/pki/testkey -N
cn=mywebserver
i've setup the 'dogtag-ipa' ca in certmonger like so :
id=dogtag-ipa
ca_aka=Dogtag (IPA,renew,agent)
I forgot to add - usually removing the -v bit in ca external helper
definition produces the aforementioned 'rejected by CA' message, instead of
verbose output.
2015-02-11 10:00 GMT+01:00 marcin kowalski yoshi...@gmail.com:
Edit: i acceditanlly forgot to send copy to the list, so resubmitting.
On Tue, 10 Feb 2015, Israel Miranda wrote:
I have a freeipa installation of v4 on Fedora 21.
I have a separate fileserver with freeipa packages installed from
mkosek-freeipa-epel-7.repo on centos 7.
I have:
* created sambaSAMAccount,sambaGroupMapping UserObjects
* created an entry for DNA
I reply to myself.
This was certainly a Windows configurarion issue. I went further:
ipa-replica-manage connect --winsync --binddb
cn=Administrator,cn=Users,dc=company,dc=com --bindpwd passwd --passsync
whatever --cacert /etc/openssl/cacerets/adRootCa.crt dc.company.com -v
Directory Manager
Ok, after a few awkward questions from an auditor, I am starting to face
the uncomfortable truth that my understanding about how FreeIPA works is a
lot fuzzier than I would like.
Specifically, the question I could not answer - where are the passwords
stored and how are they encrypted? My
On 02/12/2015 01:25 AM, Michael Lasevich wrote:
Ok, after a few awkward questions from an auditor, I am starting to
face the uncomfortable truth that my understanding about how FreeIPA
works is a lot fuzzier than I would like.
Specifically, the question I could not answer - where are the
On 02/12/2015 12:37 AM, Nicolas Zin wrote:
That was that:
in the logs (/var/log/dirsrv/slapd-HQ-EMIRATES-COM/errors) I got:
slapi_ldap_bind - Error: could not send startTLS request: error -11 (Connect
error) errno 0 (Success)
And when i did LDAPTLS_CACERTDIR=/etc/dirsrv/... ldapsearch ...,