Re: [Freeipa-users] FreeIPA WebUI Logout logs back in

On 04/28/2015 11:53 PM, Dmitri Pal wrote: > On 04/28/2015 05:39 PM, Rob Crittenden wrote: >> Dmitri Pal wrote: >>> On 04/28/2015 05:11 PM, Christopher Lamb wrote: HI All I have just tested with the FreeIPA Web UI public demo https://ipa.demo1.freeipa.org/ipa/ui/ Using

Re: [Freeipa-users] FreeIPA WebUI Logout logs back in

HI Simo, Dmitiri, Rob and co. Simos "log in with a different user" suggestion is pretty much what I was intending. I want to be able to log out of the web ui, then log back in with a different user. e.g. to allow a newly added user to change their password to something secret. On this particular

Re: [Freeipa-users] FreeIPA WebUI Logout logs back in

On Tue, 2015-04-28 at 17:53 -0400, Dmitri Pal wrote: > On 04/28/2015 05:39 PM, Rob Crittenden wrote: > > Dmitri Pal wrote: > >> On 04/28/2015 05:11 PM, Christopher Lamb wrote: > >>> HI All > >>> > >>> I have just tested with the FreeIPA Web UI public demo > >>> https://ipa.demo1.freeipa.org/ipa/ui/

Re: [Freeipa-users] FreeIPA WebUI Logout logs back in

On 04/28/2015 05:39 PM, Rob Crittenden wrote: Dmitri Pal wrote: On 04/28/2015 05:11 PM, Christopher Lamb wrote: HI All I have just tested with the FreeIPA Web UI public demo https://ipa.demo1.freeipa.org/ipa/ui/ Using the public demo, when I log out, I get returned to the login screen, as exp

Re: [Freeipa-users] FreeIPA WebUI Logout logs back in

On Apr 28, 2015 11:33 PM, "Dmitri Pal" wrote: > > On 04/28/2015 05:11 PM, Christopher Lamb wrote: >> >> HI All >> >> I have just tested with the FreeIPA Web UI public demo >> https://ipa.demo1.freeipa.org/ipa/ui/ >> >> Using the public demo, when I log out, I get returned to the login screen, >> a

Re: [Freeipa-users] Also attempting to integrate Solaris 10 clients with freeipa

Siggi Thanks for the reminder. I did see these a while ago - I've seen so much in so many places and became rapidly confused, because I don't have much ldap or ipa experience. I'll review your instructions and see how they fit with the Solaris 11 instructions from the mailing list that I fou

Re: [Freeipa-users] FreeIPA WebUI Logout logs back in

Dmitri Pal wrote: > On 04/28/2015 05:11 PM, Christopher Lamb wrote: >> HI All >> >> I have just tested with the FreeIPA Web UI public demo >> https://ipa.demo1.freeipa.org/ipa/ui/ >> >> Using the public demo, when I log out, I get returned to the login >> screen, >> as expected. This allows me to l

Re: [Freeipa-users] Also attempting to integrate Solaris 10 clients with freeipa

Roderick Johnstone wrote: > On 28/04/2015 19:23, Dmitri Pal wrote: >> On 04/28/2015 02:12 PM, Roderick Johnstone wrote: >>> On 23/04/15 14:14, Rob Crittenden wrote: Roderick Johnstone wrote: > On 23/04/15 04:25, Rob Crittenden wrote: >> Roderick Johnstone wrote: >>> On 22/04/15 14:

Re: [Freeipa-users] FreeIPA WebUI Logout logs back in

On 04/28/2015 05:11 PM, Christopher Lamb wrote: HI All I have just tested with the FreeIPA Web UI public demo https://ipa.demo1.freeipa.org/ipa/ui/ Using the public demo, when I log out, I get returned to the login screen, as expected. This allows me to log in with a different user. With our o

Re: [Freeipa-users] Also attempting to integrate Solaris 10 clients with freeipa

On 28/04/2015 19:23, Dmitri Pal wrote: On 04/28/2015 02:12 PM, Roderick Johnstone wrote: On 23/04/15 14:14, Rob Crittenden wrote: Roderick Johnstone wrote: On 23/04/15 04:25, Rob Crittenden wrote: Roderick Johnstone wrote: On 22/04/15 14:30, Dmitri Pal wrote: On 04/21/2015 01:13 PM, Roderic

Re: [Freeipa-users] FreeIPA WebUI Logout logs back in

HI All I have just tested with the FreeIPA Web UI public demo https://ipa.demo1.freeipa.org/ipa/ui/ Using the public demo, when I log out, I get returned to the login screen, as expected. This allows me to log in with a different user. With our own installation FreeIPA, from exactly the same bro

Re: [Freeipa-users] how can i create home directories automatically on solaris while IPA user login

Hi, You may download the profile from bugzilla, here’s a direct link to the attachement: https://bugzilla.redhat.com/attachment.cgi?id=579657 Modify the server names and baseDN to match your environment. Use ldapadd to add the dua profile

Re: [Freeipa-users] Also attempting to integrate Solaris 10 clients with freeipa

Hi, I wrote these bugzilla entries based on my own Solaris 10 configuration for IPA a while back. Did you try these? They include a working DUA profile (need to change server names of course) and the steps I did for configuring Solaris 10 as an IPA client. Config: https://bugzilla.redhat.com/s

Re: [Freeipa-users] Also attempting to integrate Solaris 10 clients with freeipa

On 04/28/2015 02:12 PM, Roderick Johnstone wrote: On 23/04/15 14:14, Rob Crittenden wrote: Roderick Johnstone wrote: On 23/04/15 04:25, Rob Crittenden wrote: Roderick Johnstone wrote: On 22/04/15 14:30, Dmitri Pal wrote: On 04/21/2015 01:13 PM, Roderick Johnstone wrote: Hi I also need to i

Re: [Freeipa-users] Also attempting to integrate Solaris 10 clients with freeipa

On 23/04/15 14:14, Rob Crittenden wrote: Roderick Johnstone wrote: On 23/04/15 04:25, Rob Crittenden wrote: Roderick Johnstone wrote: On 22/04/15 14:30, Dmitri Pal wrote: On 04/21/2015 01:13 PM, Roderick Johnstone wrote: Hi I also need to integrate Solaris 10 clients with freeipa servers.

Re: [Freeipa-users] FreeIPA and sambaPwdLastSet

Resending it to the right list. :) Not my evening. On Tue, 28 Apr 2015, Alexander Bokovoy wrote: On Tue, 28 Apr 2015, Christopher Lamb wrote: Hi All I wish to pick your brains on the attribute sambaPwdLastSet We have a newly setup FreeIPA 4.1.0, with users and groups migrated from an old 3.0

Re: [Freeipa-users] FreeIPA and sambaPwdLastSet

On Tue, 28 Apr 2015, Dmitri Pal wrote: On 04/28/2015 12:17 PM, Christopher Lamb wrote: Hi All I wish to pick your brains on the attribute sambaPwdLastSet We have a newly setup FreeIPA 4.1.0, with users and groups migrated from an old 3.0.0 instance. We are also running Samba to share files to

Re: [Freeipa-users] FreeIPA and sambaPwdLastSet

On 04/28/2015 12:17 PM, Christopher Lamb wrote: Hi All I wish to pick your brains on the attribute sambaPwdLastSet We have a newly setup FreeIPA 4.1.0, with users and groups migrated from an old 3.0.0 instance. We are also running Samba to share files to Windows and OSX users. This means that

[Freeipa-users] FreeIPA and sambaPwdLastSet

Hi All I wish to pick your brains on the attribute sambaPwdLastSet We have a newly setup FreeIPA 4.1.0, with users and groups migrated from an old 3.0.0 instance. We are also running Samba to share files to Windows and OSX users. This means that all the FreeIPA user accounts have the attribute

Re: [Freeipa-users] 4.1.4 and OTP

On 4/28/15 6:44 AM, Nathaniel McCallum wrote: On Fri, 2015-04-17 at 20:21 -0700, Janelle wrote: On 4/17/15 5:59 PM, Dmitri Pal wrote: On 04/17/2015 08:07 PM, Janelle wrote: On Apr 17, 2015, at 16:36, Dmitri Pal wrote: On 04/17/2015 04:52 PM, Janelle wrote: On 4/17/15 1:19 PM, Dmitri P

Re: [Freeipa-users] Fw: Web ui error “Your session has expired. Please re-login.” from a browser on a remote client.

Hi Martin That is great. However you may wish to qualify what "significant" is. In the case of the original clock-skew problems (between the IPA LDAP Server and sssd clients on other servers), a skew in the order of 5 minutes was enough to prevent us sshing into our servers with an ldap user. Yo

Re: [Freeipa-users] freeIPA and AD in multi-homed environment

On 04/28/2015 07:35 AM, Alexander Frolushkin wrote: Hello. We were also planned relatively large deployment (8 sites, 19 IPA servers), and for now our experience told us that Red Hat official support is a must-have option for IPA in mission-critical environment. IPA is still a very fresh sol

Re: [Freeipa-users] 4.1.4 and OTP

On Fri, 2015-04-17 at 20:21 -0700, Janelle wrote: > On 4/17/15 5:59 PM, Dmitri Pal wrote: > > On 04/17/2015 08:07 PM, Janelle wrote: > > > > > > > > > > > > > > > On Apr 17, 2015, at 16:36, Dmitri Pal wrote: > > > > > > > On 04/17/2015 04:52 PM, Janelle wrote: > > > > > On 4/17/15 1:19 PM, D

Re: [Freeipa-users] How to renew an expired admin certificate

On 04/28/2015 02:56 AM, Niranjan M.R wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 04/28/2015 11:20 AM, Kamal Perera wrote: Dear All, I'm in the process of regaining one of the old CA systems which was not being used for a long time. In the root CA, administrator certificate is exp

Re: [Freeipa-users] How to renew an expired admin certificate

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 04/28/2015 11:20 AM, Kamal Perera wrote: > Dear All, > > I'm in the process of regaining one of the old CA systems which was not being > used for a long time. > > In the root CA, administrator certificate is expired and cannot access the > agent

Re: [Freeipa-users] Fw: Web ui error “Your session has expired. Please re-login.” from a browser on a remote client.

On 04/27/2015 06:09 PM, Christopher Lamb wrote: > > Hi All > > I may have found a possible cause of our instance of the "Your session has > expired" Web UI error on our new FreeIPA 4.1.0 Server > > By chance I checked the date on the server hosting FreeIPA 4.1.0. To my > surprise, despite runni

Re: [Freeipa-users] freeIPA and AD in multi-homed environment

Hello. We were also planned relatively large deployment (8 sites, 19 IPA servers), and for now our experience told us that Red Hat official support is a must-have option for IPA in mission-critical environment. IPA is still a very fresh solution and it have some issues you may face. WBR, Alexand

Re: [Freeipa-users] freeIPA and AD in multi-homed environment

OK, everything is clear now. Thank you again. :) 2015-04-28 14:16 GMT+03:00 Alexander Bokovoy : > On Tue, 28 Apr 2015, Арсений Черняков wrote: > >> Thank you for quick response. So, did I got it right, that this limitation >> is affecting only RedHat support agreement, and not the technical side

Re: [Freeipa-users] freeIPA and AD in multi-homed environment

On Tue, 28 Apr 2015, Арсений Черняков wrote: Thank you for quick response. So, did I got it right, that this limitation is affecting only RedHat support agreement, and not the technical side of configuration? We're considering the CentOS 7 deployment, and we don't have Red Hat support agreement.

Re: [Freeipa-users] freeIPA and AD in multi-homed environment

Thank you for quick response. So, did I got it right, that this limitation is affecting only RedHat support agreement, and not the technical side of configuration? We're considering the CentOS 7 deployment, and we don't have Red Hat support agreement. Maybe it's a stupid question, but since we don

Re: [Freeipa-users] freeIPA and AD in multi-homed environment

On Tue, 28 Apr 2015, Арсений Черняков wrote: - Hi all. I've got a rather big domain environment with 10 distributed locations, and I'm considering using FreeIPA as an id manager for linux users and servers, alongside with existing AD, using trusts. In every location, there are 2 DCs for

[Freeipa-users] freeIPA and AD in multi-homed environment

- Hi all. I've got a rather big domain environment with 10 distributed locations, and I'm considering using FreeIPA as an id manager for linux users and servers, alongside with existing AD, using trusts. In every location, there are 2 DCs for windows environment, and I'm thinking abo

[Freeipa-users] FreeIPA restarts when changing run-levels

Hi, Is it correct behavior that FreeIPA restarts when changing run-levels between 3 and 5 ? I would have hoped that if it was already running, that changing the run-level between two run-levels for which IPA has both been configured to run, will have no effect if already running (using init-ba

Re: [Freeipa-users] FreeIPA SAML and Google Apps

On 28/04/15 08:53, Andrew Holway wrote: Hi, Is it yet possible to use FreeIPA as an identity provider to Google Apps via SAML. I understand there was some project afoot Thanks, Andrew Maybe this would help. https://fedorahosted.org/ipsilon/ -- Martin Basti -- Manage your subscript