Is it possible to completely automate the client enrollment process similar
to securenets in NIS? I'm trying to migrate NIS to IDM, and hoping that it
runs largely in auto-pilot mode. The kickstarter method suggests adding
host entries with a one time kerberos password to launch unattended client
On 03/21/2015 05:53 AM, Prasun Gera wrote:
Is it possible to completely automate the client enrollment process
similar to securenets in NIS? I'm trying to migrate NIS to IDM, and
hoping that it runs largely in auto-pilot mode. The kickstarter method
suggests adding host entries with a one time
Hi Rob,
Yes, sssd is running and this is sssd.conf:
[domain/hq.example.com]
debug_level=9
cache_credentials = True
krb5_store_password_if_offline = True
ipa_domain = hq.example.com
id_provider = ipa
auth_provider = ipa
access_provider = ipa
ipa_hostname = meson.hq.example.com
chpass_provider =
On 03/20/2015 08:56 PM, McEvoy, James wrote:
When I look at the password entries for my rfc2307 account in Active
directory I get three different answers.
The only correct one is on a server where I used sssd to join AD
directly ( the last one ). Do I need to configure
rfc2307? When I
Indeed, id admin does not work and there is no sign of it in the log.
From the client (with admin-tools installed):
$ kinit admin
Password for ad...@hq.example.com:
$ ipa user-show admin
User login: admin
Last name: Administrator
Home directory: /home/admin
Login shell: /bin/bash
UID:
Roberto Cornacchia wrote:
Indeed, id admin does not work and there is no sign of it in the log.
From the client (with admin-tools installed):
$ kinit admin
Password for ad...@hq.example.com mailto:ad...@hq.example.com:
$ ipa user-show admin
User login: admin
Last name: Administrator
/etc/nsswitch.conf:
passwd: files
shadow: files
group: files
hosts: files mdns4_minimal [NOTFOUND=return] dns myhostname
bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files
rpc:files
services: files
Yes, this approach would work, and it would be a good enhancement. It would
make migration from NIS easier with very little impact to users. Are you
saying that something like this can be implemented right now? Or do you
mean that this is how it could be done in future ? How does a host submit a
Hello,
I was wondering, I don't seem to be able to put multiple SSH keys into
IPA? Am I missing something? it seems to replace the one that was there
instead of adding an additional.
~J
--
Manage your subscription for the Freeipa-users mailing list:
